LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

openSUSE and the distribution of proprietary software

LPC: What's happening with webcams

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

openwrt

openwrt

Posted Mar 7, 2008 1:29 UTC (Fri) by tetromino (subscriber, #33846)
In reply to: openwrt by afalko
Parent article: Authentication bypass in routers

Openwrt never used apache. The historical "White Russian" versions of openwrt (all those released before spring 2007) included a web interface that was implemented in shell script. Frankly, I would be surprised if the thing had no security issues.

However, modern "Kamikaze" releases of openwrt have no web interface at all; you configure them by ssh'ing in and editing config files, just like on a normal Linux server.

(Log in to post comments)

openwrt

Posted Mar 7, 2008 13:48 UTC (Fri) by jengelh (subscriber, #33263) [Link] 

There is X-Wrt/webif² built ontop of OpenWRT/Kamikaze — and it uses HTTP Authentication with
cookies. All good.

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds