Subject: Re: crypt(3)
To: Tim Newsham <firstname.lastname@example.org>
From: Martin Husemann <email@example.com>
Date: 11/16/1994 12:58:20
> The first character of the salt should be a constant to distinguish
> it from normal crypt(3) output.
This is necessary - otherwise you would break exisiting software.
We use a sysadm toolset to generate all kinds of logins and enter
them into passwd.master, I guess a lot people do similar things.
But if you have to keep the old functions around, it wouldn't help
you much in getting an exportable system.
If you're doing it to improve security, you'll have to persuade a
lot of people to trust your method as well as your code.
'Why, you could subvert that with trained flocks of eagles carrying CDs!'
-- Andrew Molitor about a new firewall-product