tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: crypt_r()?

> There really should be a function that takes a user name or ID and a clearte$

Maybe.  But then you have a lot more failure modes and a lot more
possible attack surface.  It would also mean that you can't check or
change passwords in single-user mode without starting the magic daemon;
that would be a substantial regression as far as user experience goes,
if nothing else.  And what about checking the root password for
single-user boot with insecure console?

It _is_, however, very much in keeping with the "encapsulate
single-purpose code into a single place" attitude that has brought a
lot of benefits.  I wonder if there isn't some better way I'm missing.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

Home | Main Index | Thread Index | Old Index