From owner-freebsd-security  Wed Apr 22 08:54:24 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id IAA05400
          for freebsd-security-outgoing; Wed, 22 Apr 1998 08:54:24 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from gateman.zeus.leitch.com (gateman.zeus.leitch.com [204.187.61.193])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA05387
          for <freebsd-security@FreeBSD.ORG>; Wed, 22 Apr 1998 15:54:21 GMT
          (envelope-from woods@tap.zeus.leitch.com)
Received: from zeus.leitch.com (tap.zeus.leitch.com [204.187.61.10]) by gateman.zeus.leitch.com (8.8.5/8.7.3/1.0) with ESMTP id LAA00478 for <freebsd-security@FreeBSD.ORG>; Wed, 22 Apr 1998 11:54:28 -0400 (EDT)
Received: from brain.zeus.leitch.com (brain.zeus.leitch.com [204.187.61.32]) by zeus.leitch.com (8.7.5/8.7.3/1.0) with ESMTP id LAA12701 for <freebsd-security@FreeBSD.ORG>; Wed, 22 Apr 1998 11:54:29 -0400 (EDT)
Received: (from woods@localhost)
	by brain.zeus.leitch.com (8.8.8/8.8.8) id LAA01077;
	Wed, 22 Apr 1998 11:54:28 -0400 (EDT)
	(envelope-from woods@tap.zeus.leitch.com)
Date: Wed, 22 Apr 1998 11:54:28 -0400 (EDT)
Message-Id: <199804221554.LAA01077@brain.zeus.leitch.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
From: woods@zeus.leitch.com (Greg A. Woods)
To: freebsd-security@FreeBSD.ORG
Subject: Re: Using MD5 insted of DES for passwd ecnryption 
In-Reply-To: Mark Murray's message
	of "Tue, April 21, 1998 20:31:17 +0200"
	regarding "Re: Using MD5 insted of DES for passwd ecnryption "
	id <199804211831.UAA26779@greenpeace.grondar.za>
References: <199804211831.UAA26779@greenpeace.grondar.za>
X-Mailer: VM 6.45 under Emacs 20.2.1
Reply-To: freebsd-security@FreeBSD.ORG
Organization: Planix, Inc.; Toronto, Ontario; Canada
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

[ On Tue, April 21, 1998 at 20:31:17 (+0200), Mark Murray wrote: ]
> Subject: Re: Using MD5 insted of DES for passwd ecnryption 
>
> Not so. There exists the probability that dlopen could be fixed to work 
> for statically linked apps to allow them to find and use arbitrary (binar
> y) .so objects.

Dynamic loading is "dynamic", no matter at what level it happens.  One
reason for not doing dynamic loading is for security paranoia.  If
everything's static then it's much harder to introduce foreign code,
esp. into running processes.

As for doing this kind of run-time loading with dlopen(), well I'd
suggest that there are lots of other better APIs in wide use already.

-- 
							Greg A. Woods

+1 416 443-1734      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message