Date: Sat, 8 Feb 1997 13:16:18 +0100 From: j@uriah.heep.sax.de (J Wunsch) To: john@dexter.starfire.mn.org (John Lind) Cc: hackers@freebsd.org Subject: Re: DES for 2.1.6? Message-ID: <Mutt.19970208131618.j@uriah.heep.sax.de> In-Reply-To: <Mutt.19970208000417.john@dexter.starfire.mn.org>; from John Lind on Feb 8, 1997 00:04:17 -0600 References: <Mutt.19970208000417.john@dexter.starfire.mn.org>
next in thread | previous in thread | raw e-mail | index | archive | help
As John Lind wrote:
> good reason, and I understand that). Can I use the DES source from
> 2.1.5 that I have tucked away on another machine? Unfortunately,
> I do not have the sources, just the binaries.
j@uriah 715% cvs diff -u -kk -rRELENG_2_1_{5,6_1}_RELEASE /usr/src/secure/lib/libcrypt
cvs diff: Diffing /usr/src/secure/lib/libcrypt
cvs diff: Diffing /usr/src/secure/lib/libcrypt/test
j@uriah 716%
So it looks both versions are identical as far as libcrypt is
concerned.
> I am sure that this whole situation must be very frustrating for
> all of you. I know how you have labored to make FreeBSD a trusted
> platform for commercial and other serious development, and to find
> something like this, left over from CSRG probably, and no fault of
> your own, must be maddening.
The missing bounds check was CSRG inheritance. The not yet killed
ENABLE_STARTUP_LOCALE was homegrown. It was particularly annoying for
two reasons: it affects all binaries, and it served no real purpose at
all. (It was considered a bad hack later.)
--
cheers, J"org
joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Mutt.19970208131618.j>