Date: Tue, 16 Sep 2003 08:05:32 +0100 From: markm@freebsd.org To: Peter Pentchev <roam@ringlet.net> Cc: freebsd-security@freebsd.org Subject: Re: md5 salt Message-ID: <200309160705.h8G75WCF078889@grimreaper.grondar.org> In-Reply-To: Your message of "Tue, 16 Sep 2003 09:36:33 %2B0300." <20030916063632.GM397@straylight.oblivion.bg>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter Pentchev writes: > The crypt.c and crypt-md5.c files in src/lib/libcrypt/ do not really > pose any restrictions on the salt, short of the obvious one of its > not containing a '$' character :) > > I guess going with the base64 characters would be a good bet. Any character that does not mess up master.passwd. So ":" is also a no-no. M -- Mark Murray iumop ap!sdn w,I idlaH
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200309160705.h8G75WCF078889>