[HCS-D]HCS in 2005

Ivan Krstic krstic at fas.harvard.edu
Tue Dec 21 11:04:53 EST 2004

Philip Zeyliger wrote:
> The security model for WebDAV always seemed a little scary
> to me, but YMMV.

You're right, it's scary by default. There is a German company that has 
done substantial work on adding a proper security model to the Apache 
module implementation of WebDAV, though, and I'm in touch with the guy 
who implemented that. We might be able to use their extensions or code 
our own and get them merged upstream. Samba would definitely be a 
short-term solution here, if we require one - but its security suffers 
from its own set of fatal flaws: cleartext passwords, cleartext data.


More information about the hcs-discuss mailing list