[HCS-D]HCS in 2005
krstic at fas.harvard.edu
Tue Dec 21 11:04:53 EST 2004
Philip Zeyliger wrote:
> The security model for WebDAV always seemed a little scary
> to me, but YMMV.
You're right, it's scary by default. There is a German company that has
done substantial work on adding a proper security model to the Apache
module implementation of WebDAV, though, and I'm in touch with the guy
who implemented that. We might be able to use their extensions or code
our own and get them merged upstream. Samba would definitely be a
short-term solution here, if we require one - but its security suffers
from its own set of fatal flaws: cleartext passwords, cleartext data.
More information about the hcs-discuss