Date: Mon, 16 Dec 1996 21:23:49 +0300 (MSK) From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7=2C_Andrey_Chernov?= <ache@nagual.ru> To: David Nugent <davidn@freefall.freebsd.org> Cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrsbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.sbin/pw pw_user.c Message-ID: <Pine.BSF.3.95.961216212100.887B-100000@nagual.ru> In-Reply-To: <199612161737.JAA20217@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 16 Dec 1996, David Nugent wrote: > davidn 96/12/16 09:37:59 > > Modified: usr.sbin/pw pw_user.c > Log: > Reviewed by: davidn@blaze.net.au > Submitted by: proff@iq.org > Security patch for better random password generation. > Please, fix this fix. /dev/urandom open and reading must cause immediately exit with error diagnostic, not fallback to MD5 hashing for FreeBSD. If you want portability, you can ifdef /dev/urandom code with __FreeBSD__. Really MD5 hashing not needed for FreeBSD and must be #ifdefed too. Testing !fd is clear error too. -- Andrey A. Chernov <ache@nagual.ru> http://www.nagual.ru/~ache/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.961216212100.887B-100000>