Re: gnats passwords

[Moe Elzubeir]

Actually you are right. But that only works when the passwords are in 
plain-text. For
example,

testguy:$0$testguy:admin:default

entry in the gnatsd.acess file would let you in as admin even if 
gnats.host_acess is set
to 'view'. But, as soon as I encrypt the password (haven't tested md5 yet), it 
doesn't
seem to care.

I think we have a bug.. should I enter a PR for this one?

―-
Mohammed Elzubeir

>>> Rick Macdonald <address@hidden> 12/20/01 03:04PM >>>
On Thu, 20 Dec 2001, Moe Elzubeir wrote:

> 
> 
> So far I have been able to get everything to run smoothly ;)
> 
> However, I am still very confused about the usr/password and 
> gnatsd.host_acess. Does one override the other?
> It seems that in my system, it doesn't matter what the users access level is 
> set to, it will still go with whatever
> is defined in gnatsd.host_acccess.
> 
> The documentation doesn't really tell if one overrides the other, so I don't 
> know why I'm experiencing that
> behavior. Any ideas?

In version 3.x (I don't think they changed it for V4?), the user's access
can increase the access level granted in host_access, but not lower it.

...RickM...