[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: MD5_CRYPT_ENAB in login.defs



On Tue, Jul 27, 1999 at 04:19:18PM +0200, Piotr Roszatycki wrote:
> But is it really important? I think security is much important and
> less security method should be only optional.

Depends. There's a lot of local stuff out there that expects 13
characters from the pw field. All that would break. On my systems that's
a reasonable tradeoff. But that isn't the case everywhere, and to break
traditional unix semantics is not something debian can do lightly.

> Maybe at install time user could choose crypting method?
> For now it is possible to choose shadow or non-shadow system.

That's been suggested before (and I think it's a reasonable idea), but
no one AFAIK has submitted a patch to do this.

Mike Stone

Attachment: pgpTlGqVq01ue.pgp
Description: PGP signature


Reply to: