Date: Wed, 22 Apr 1998 23:02:09 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Mark Murray <mark@grondar.za> Cc: "Matthew N. Dodd" <winter@jurai.net>, Nate Williams <nate@mt.sri.com>, Peter Wemm <peter@netplex.com.au>, freebsd-security@FreeBSD.ORG Subject: Re: Static vs. dynamic linking (was Re: Using MD5 insted of DES ...) Message-ID: <4940.893278929@critter.freebsd.dk> In-Reply-To: Your message of "Wed, 22 Apr 1998 22:24:24 %2B0200." <199804222024.WAA00701@greenpeace.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199804222024.WAA00701@greenpeace.grondar.za>, Mark Murray writes: >Poul-Henning Kamp wrote: >> What about the root password prompt in /sbin/init ? >> >> That is the only really troublesome case... > >Of the very lively dialog that thas passsed on this subject the last >couple of days, the most useable solution seems to be (in the case of >apps in /(s)bin that may need alternative crypts) is to link them using >the normal dynamic flags, except to force them to use the static >libraries. This way will get a useable dlopen, and will allow the app to >function as required, and will not break the rest of the world with a >dynamic /(s)bin/*. The apps can then use a (say) cryptdes.so if it >exists. > >Is my summary OK? Yes, I think we just need to see some code. What about the SHS ($2$) suport for crypt() should we sneak that in at the same time ? Did we also agree that login.conf can specify which encryption to use along these lines: modify existing password: entry in login.conf ? yes: use what login.conf says no: use same as existing password. create new password: entry in login.conf ? yes: use what login.conf says no: use same as current root password -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop." "ttyv0" -- What UNIX calls a $20K state-of-the-art, 3D, hi-res color terminal To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4940.893278929>