From owner-freebsd-security Mon Jun 1 13:00:28 1998
To: Robert Watson
cc: Eivind Eklund, "J.A. Terranson", "freebsd-security@FreeBSD.ORG"
Subject: Re: MD5 v. DES?
In-reply-to: Your message of "Mon, 01 Jun 1998 15:47:38 EDT."
Date: Mon, 01 Jun 1998 21:57:29 +0200
Message-ID: <5630.896731049@critter.freebsd.dk>
From: Poul-Henning Kamp
Sender: owner-freebsd-security@FreeBSD.ORG

In message , Robert Watson writes:
>> I have been considering if we shouldn't introduce a
>>
>>	int checkuserpassword(char *user, char *password);
>>
>> in some library, rather than having all these programs know that
>> you should strcmp after calling crypt(). This would allow us to
>> do what you propose or RADIUS authentication for that matter...
>
>I personally dislike this idea -- where does this leave one-time-password
>users, etc?

Perfectly safe as always. All it does is to make sure that you don't
have to modify ftpd, telnetd, login, popper, and uhm... what is the
last one, I keep forgetting, Hmm.....

Basically what I'm saying is that if all the places which have to
authenticate a user had a call where they could say:

	"Is password acceptable for user in context "

Then you can implement this function whichever way you want, rather
than have to modify twenty-odd programs which all do the

	pw = getpwnam(...);
	getpassword(buffer);
	/* crypt(3) takes the typed password, then the stored hash as salt */
	if (strcmp(pw->pw_passwd, crypt(buffer, pw->pw_passwd))) {
		sorry...
	}

--
Poul-Henning Kamp             FreeBSD coreteam member
phk@FreeBSD.ORG               "Real hackers run -current on their laptop."
"ttyv0" -- What UNIX calls a $20K state-of-the-art, 3D, hi-res color terminal
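
Added example, not part of the original message and not FreeBSD code: a sketch of the single authentication entry point proposed above, with a backend that can be swapped without touching the callers. The context argument, the return convention (1 = acceptable), add_account(), set_auth_backend(), no_ftp_backend() and the FNV-1a stand-in for crypt(3) are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Backend contract (assumed): 1 = password acceptable for user in context, else 0. */
typedef int (*auth_backend_fn)(const char *user, const char *password, const char *context);

/* Stand-in for crypt(3): FNV-1a, NOT a password hash; avoids a libcrypt dependency. */
static uint32_t standin_hash(const char *s) {
    uint32_t h = 2166136261u;
    while (*s) { h ^= (unsigned char)*s++; h *= 16777619u; }
    return h;
}
/* Constructed account table; a real backend would use getpwnam(3) and crypt(3). */
static struct { char name[32]; uint32_t hash; } accounts[8];
static size_t n_accounts;
int add_account(const char *name, const char *password) {
    if (n_accounts == 8 || strlen(name) >= sizeof accounts[0].name) return -1;
    strcpy(accounts[n_accounts].name, name);
    accounts[n_accounts++].hash = standin_hash(password);
    return 0;
}

static int local_backend(const char *user, const char *password, const char *context) {
    uint32_t want = 0, got = standin_hash(password);
    int found = 0; (void)context;
    for (size_t i = 0; i < n_accounts; i++)
        if (strcmp(accounts[i].name, user) == 0) { want = accounts[i].hash; found = 1; }
    return found && want == got;   /* unknown user: same hash work, always refused */
}
/* Hypothetical site policy: no password logins in the "ftpd" context. */
static int no_ftp_backend(const char *user, const char *password, const char *context) {
    return strcmp(context, "ftpd") != 0 && local_backend(user, password, context);
}

static auth_backend_fn backend = local_backend;
void set_auth_backend(auth_backend_fn fn) { backend = fn ? fn : local_backend; }

/* The one call every daemon makes; fails closed on missing input. */
int checkuserpassword(const char *user, const char *password, const char *context) {
    if (!user || !password || !context || !*user) return 0;
    return backend(user, password, context) == 1;
}

int main(void) {
    add_account("alice", "correct horse");          /* constructed sample account */
    printf("login: %d\n", checkuserpassword("alice", "correct horse", "login"));
    set_auth_backend(no_ftp_backend);               /* policy changes, callers do not */
    printf("ftpd:  %d\n", checkuserpassword("alice", "correct horse", "ftpd"));
}
```

Each caller passes only the user, the password and its own context name, so replacing the backend changes policy for every program at once.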