From owner-freebsd-security  Tue Apr 21 08:32:31 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id IAA25731
          for freebsd-security-outgoing; Tue, 21 Apr 1998 08:32:31 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from gateman.zeus.leitch.com (gateman.zeus.leitch.com [204.187.61.193])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA25697
          for <freebsd-security@FreeBSD.ORG>; Tue, 21 Apr 1998 15:32:16 GMT
          (envelope-from woods@tap.zeus.leitch.com)
Received: from zeus.leitch.com (tap.zeus.leitch.com [204.187.61.10]) by gateman.zeus.leitch.com (8.8.5/8.7.3/1.0) with ESMTP id LAA24057 for <freebsd-security@FreeBSD.ORG>; Tue, 21 Apr 1998 11:32:22 -0400 (EDT)
Received: from brain.zeus.leitch.com (brain.zeus.leitch.com [204.187.61.32]) by zeus.leitch.com (8.7.5/8.7.3/1.0) with ESMTP id LAA02586 for <freebsd-security@FreeBSD.ORG>; Tue, 21 Apr 1998 11:32:22 -0400 (EDT)
Received: (from woods@localhost)
	by brain.zeus.leitch.com (8.8.8/8.8.8) id LAA22702;
	Tue, 21 Apr 1998 11:32:22 -0400 (EDT)
	(envelope-from woods@tap.zeus.leitch.com)
Date: Tue, 21 Apr 1998 11:32:22 -0400 (EDT)
Message-Id: <199804211532.LAA22702@brain.zeus.leitch.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
From: woods@zeus.leitch.com (Greg A. Woods)
To: freebsd-security@FreeBSD.ORG
Subject: Re: Using MD5 insted of DES for passwd ecnryption 
In-Reply-To: Mike Smith's message
	of "Tue, April 21, 1998 05:59:33 -0700"
	regarding "Re: Using MD5 insted of DES for passwd ecnryption "
	id <199804211259.FAA00330@antipodes.cdrom.com>
References: <19980421124954.A1797@keltia.freenix.fr>
	<199804211259.FAA00330@antipodes.cdrom.com>
X-Mailer: VM 6.45 under Emacs 20.2.1
Reply-To: woods@zeus.leitch.com (Greg A. Woods)
Organization: Planix, Inc.; Toronto, Ontario; Canada
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

[ On Tue, April 21, 1998 at 05:59:33 (-0700), Mike Smith wrote: ]
> Subject: Re: Using MD5 insted of DES for passwd ecnryption 
>
> As soon as you have more than one *different* binary running out of 
> /bin, you win of course, as there's only *one* copy (at most) of the
> common shared libraries being backed by physical memory.

That's not necessarily true, at least from what I've learned second
hand.  There can be a certain amount of overhead in terms of extra VM
pages allocated for shared memory, so one additional shared binary may
still not result in even reaching the same memory footprint as the same
fully static binaries would.  It would depend on the relative amounts of
the shared libraries that each given binary might link in.

In any case I'd be horrified to learn that whatever scheme of
controlling password encryption is chosen relies on shared libraries.
I think it should always be possible to statically link the whole system
if one so desires.  That's the one sure way to test if shared libraries
are causing any weirdness.

-- 
							Greg A. Woods

+1 416 443-1734      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message