Date: Tue, 21 Apr 1998 14:14:37 -0400 (EDT) From: woods@zeus.leitch.com (Greg A. Woods) To: freebsd-security@FreeBSD.ORG Subject: Re: Using MD5 insted of DES for passwd ecnryption Message-ID: <199804211814.OAA23669@brain.zeus.leitch.com> In-Reply-To: Mike Smith's message of "Tue, April 21, 1998 09:35:41 -0700" regarding "Re: Using MD5 insted of DES for passwd ecnryption " id <199804211635.JAA00416@dingo.cdrom.com> References: <199804211532.LAA22702@brain.zeus.leitch.com> <199804211635.JAA00416@dingo.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[ On Tue, April 21, 1998 at 09:35:41 (-0700), Mike Smith wrote: ] > Subject: Re: Using MD5 insted of DES for passwd ecnryption > > > I think it should always be possible to statically link the whole system > > if one so desires. That's the one sure way to test if shared libraries > > are causing any weirdness. > > How are you supposed to load arbitrary (possibly third-party) > authentication modules if you have to have the source at build time? > That's stupid. Maybe not the source, but at minimum the objects. Any method of run-time control over password encryption schemes should permit all available schemes to be statically linked simultaneously into the relevant binaries such that a run-time "switch" can select amongst those that were available at link time. Naturally adding more schemes requires re-linking -- but that's neither surprising, nor upsetting. -- Greg A. Woods +1 416 443-1734 VE3TCP <gwoods@acm.org> <robohack!woods> Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199804211814.OAA23669>