tech-userlevel archive

---

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: crypt_r()?

---

• To: tech-userlevel%NetBSD.org@localhost
• Subject: Re: crypt_r()?
• From: Mouse <mouse%Rodents-Montreal.ORG@localhost>
• Date: 2022年2月15日 20:13:09 -0500 (EST)

---

> There really should be a function that takes a user name or ID and a clearte$
Maybe. But then you have a lot more failure modes and a lot more
possible attack surface. It would also mean that you can't check or
change passwords in single-user mode without starting the magic daemon;
that would be a substantial regression as far as user experience goes,
if nothing else. And what about checking the root password for
single-user boot with insecure console?
It _is_, however, very much in keeping with the "encapsulate
single-purpose code into a single place" attitude that has brought a
lot of benefits. I wonder if there isn't some better way I'm missing.
/~\ The ASCII				 Mouse
\ / Ribbon Campaign
 X Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B

---

• Follow-Ups:
  • Re: crypt_r()?
    • From: Jason Thorpe

• References:
  • crypt_r()?
    • From: Thomas Klausner
  • Re: crypt_r()?
    • From: Niclas Rosenvik
  • Re: crypt_r()?
    • From: Joerg Sonnenberger
  • Re: crypt_r()?
    • From: Niclas Rosenvik
  • Re: crypt_r()?
    • From: Joerg Sonnenberger
  • Re: crypt_r()?
    • From: Jason Thorpe

---

• Prev by Date: Re: crypt_r()?
• Next by Date: Re: crypt_r()?
• Previous by Thread: Re: crypt_r()?
• Next by Thread: Re: crypt_r()?
• Indexes:
  • reverse Date
  • reverse Thread
  • Old Index

Home | Main Index | Thread Index | Old Index