Date: Tue, 21 Apr 1998 09:35:41 -0700 From: Mike Smith <mike@smith.net.au> To: woods@zeus.leitch.com (Greg A. Woods) Cc: freebsd-security@FreeBSD.ORG Subject: Re: Using MD5 insted of DES for passwd ecnryption Message-ID: <199804211635.JAA00416@dingo.cdrom.com> In-Reply-To: Your message of "Tue, 21 Apr 1998 11:32:22 EDT." <199804211532.LAA22702@brain.zeus.leitch.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> [ On Tue, April 21, 1998 at 05:59:33 (-0700), Mike Smith wrote: ] > > Subject: Re: Using MD5 insted of DES for passwd ecnryption > > > > As soon as you have more than one *different* binary running out of > > /bin, you win of course, as there's only *one* copy (at most) of the > > common shared libraries being backed by physical memory. > > That's not necessarily true, at least from what I've learned second > hand. There can be a certain amount of overhead in terms of extra VM > pages allocated for shared memory, so one additional shared binary may > still not result in even reaching the same memory footprint as the same > fully static binaries would. Er, that's exactly what I said. > In any case I'd be horrified to learn that whatever scheme of > controlling password encryption is chosen relies on shared libraries. Why? That's like saying that you'd be horrified to learn that the scheme used executable programs, or relied on the VM system working. > I think it should always be possible to statically link the whole system > if one so desires. That's the one sure way to test if shared libraries > are causing any weirdness. How are you supposed to load arbitrary (possibly third-party) authentication modules if you have to have the source at build time? That's stupid. -- \\ Sometimes you're ahead, \\ Mike Smith \\ sometimes you're behind. \\ mike@smith.net.au \\ The race is long, and in the \\ msmith@freebsd.org \\ end it's only with yourself. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199804211635.JAA00416>