Re: MD5_CRYPT_ENAB in login.defs

To: Debian Development Mailing List <debian-devel@lists.debian.org>
Subject: Re: MD5_CRYPT_ENAB in login.defs
From: Michael Stone <mstone@debian.org>
Date: Tue, 27 Jul 1999 11:49:07 -0400
Message-id: <[🔎] 19990727114907.L852@justice.loyola.edu>
Mail-followup-to: Debian Development Mailing List <debian-devel@lists.debian.org>
In-reply-to: <[🔎] Pine.LNX.4.10.9907271614200.4533-100000@cyan.fnet.pl>; from Piotr Roszatycki on Tue, Jul 27, 1999 at 04:19:18PM +0200
References: <[🔎] 19990727080314.G852@justice.loyola.edu> <[🔎] Pine.LNX.4.10.9907271614200.4533-100000@cyan.fnet.pl>

On Tue, Jul 27, 1999 at 04:19:18PM +0200, Piotr Roszatycki wrote:
> But is it really important? I think security is much important and
> less security method should be only optional.

Depends. There's a lot of local stuff out there that expects 13
characters from the pw field. All that would break. On my systems that's
a reasonable tradeoff. But that isn't the case everywhere, and to break
traditional unix semantics is not something debian can do lightly.

> Maybe at install time user could choose crypting method?
> For now it is possible to choose shadow or non-shadow system.

That's been suggested before (and I think it's a reasonable idea), but
no one AFAIK has submitted a patch to do this.

Mike Stone

Attachment: pgpkzDdnXpjRp.pgp
Description: PGP signature

Reply to:

References:
- Re: MD5_CRYPT_ENAB in login.defs
  - From: Michael Stone <mstone@debian.org>
- Re: MD5_CRYPT_ENAB in login.defs
  - From: Piotr Roszatycki <dexter@fnet.pl>

Prev by Date: Re: your mail
Next by Date: Re: infomagic
Previous by thread: Re: MD5_CRYPT_ENAB in login.defs
Next by thread: Re: MD5_CRYPT_ENAB in login.defs
Index(es):
- Date
- Thread