Subject: Re: Chapter 8 security
To: None <current-users@netbsd.org, tech-security@netbsd.org>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: current-users
Date: 04/18/2004 07:57:39
On Sun, Apr 18, 2004 at 08:26:48PM +1000, Daniel Carosone wrote:
> On Sun, Apr 18, 2004 at 03:35:23AM -0400, Thor Lancelot Simon wrote:
> > On Sun, Apr 18, 2004 at 01:55:27PM +0900, Curt Sampson wrote:
> > > 
> > > If you're go all the way with this, even that might not be good enough.
> > > What is there to stop someone from making the password hash of a poor
> > > pasword on another machine and using vipw to set it?
> > 
> > Precisely that crypt(3) sees the *input* to the hash, and can enforce
> > arbitrary restrictions on it.
> 
> As does login (etc) at the time the passwd is used, which is Curt's
> point.  I'm not entirely sure I like the idea, but the point is valid.

That's utterly silly.  login (etc) call crypt(3) to compute the hashed
password; why on earth would one undertake to change all *callers* of
crypt() when one could just change crypt() itself?


-- 
 Thor Lancelot Simon	                                      tls@rek.tjls.com
   But as he knew no bad language, he had called him all the names of common
 objects that he could think of, and had screamed: "You lamp!  You towel!  You
 plate!" and so on.              --Sigmund Freud