Re: crypt_r()?

To: tech-userlevel%NetBSD.org@localhost
Subject: Re: crypt_r()?
From: Mouse <mouse%Rodents-Montreal.ORG@localhost>
Date: Tue, 15 Feb 2022 20:13:09 -0500 (EST)

> There really should be a function that takes a user name or ID and a clearte$

Maybe.  But then you have a lot more failure modes and a lot more
possible attack surface.  It would also mean that you can't check or
change passwords in single-user mode without starting the magic daemon;
that would be a substantial regression as far as user experience goes,
if nothing else.  And what about checking the root password for
single-user boot with insecure console?

It _is_, however, very much in keeping with the "encapsulate
single-purpose code into a single place" attitude that has brought a
lot of benefits.  I wonder if there isn't some better way I'm missing.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

Follow-Ups:
- Re: crypt_r()?
  - From: Jason Thorpe

References:
- crypt_r()?
  - From: Thomas Klausner
- Re: crypt_r()?
  - From: Niclas Rosenvik
- Re: crypt_r()?
  - From: Joerg Sonnenberger
- Re: crypt_r()?
  - From: Niclas Rosenvik
- Re: crypt_r()?
  - From: Joerg Sonnenberger
- Re: crypt_r()?
  - From: Jason Thorpe

Prev by Date: Re: crypt_r()?
Next by Date: Re: crypt_r()?
Previous by Thread: Re: crypt_r()?
Next by Thread: Re: crypt_r()?
Indexes:

Home | Main Index | Thread Index | Old Index