Date: Tue, 21 Apr 1998 11:32:22 -0400 (EDT) From: woods@zeus.leitch.com (Greg A. Woods) To: freebsd-security@FreeBSD.ORG Subject: Re: Using MD5 insted of DES for passwd ecnryption Message-ID: <199804211532.LAA22702@brain.zeus.leitch.com> In-Reply-To: Mike Smith's message of "Tue, April 21, 1998 05:59:33 -0700" regarding "Re: Using MD5 insted of DES for passwd ecnryption " id <199804211259.FAA00330@antipodes.cdrom.com> References: <19980421124954.A1797@keltia.freenix.fr> <199804211259.FAA00330@antipodes.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[ On Tue, April 21, 1998 at 05:59:33 (-0700), Mike Smith wrote: ] > Subject: Re: Using MD5 insted of DES for passwd ecnryption > > As soon as you have more than one *different* binary running out of > /bin, you win of course, as there's only *one* copy (at most) of the > common shared libraries being backed by physical memory. That's not necessarily true, at least from what I've learned second hand. There can be a certain amount of overhead in terms of extra VM pages allocated for shared memory, so one additional shared binary may still not result in even reaching the same memory footprint as the same fully static binaries would. It would depend on the relative amounts of the shared libraries that each given binary might link in. In any case I'd be horrified to learn that whatever scheme of controlling password encryption is chosen relies on shared libraries. I think it should always be possible to statically link the whole system if one so desires. That's the one sure way to test if shared libraries are causing any weirdness. -- Greg A. Woods +1 416 443-1734 VE3TCP <gwoods@acm.org> <robohack!woods> Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199804211532.LAA22702>