|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Chapter 8 security
From: Daniel Carosone (dan
geek.com.au)
Date: Sun Apr 18 2004 - 05:26:48 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sun, Apr 18, 2004 at 03:35:23AM -0400, Thor Lancelot Simon wrote:
> On Sun, Apr 18, 2004 at 01:55:27PM +0900, Curt Sampson wrote:
> >
> > If you're go all the way with this, even that might not be good enough.
> > What is there to stop someone from making the password hash of a poor
> > pasword on another machine and using vipw to set it?
>
> Precisely that crypt(3) sees the *input* to the hash, and can enforce
> arbitrary restrictions on it.
As does login (etc) at the time the passwd is used, which is Curt's
point. I'm not entirely sure I like the idea, but the point is valid.
--
Dan.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (NetBSD)
iD8DBQFAglfnEAVxvV4N66cRAtapAJ9yrNozr3DNnvmWkMoEqWMR6T1U6ACePLzK
VEos4S0fOjl7GYKmkgem3p8=
=W5yM
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]