Re: Shadow Passwords

To: bruce@Pixar.com (Bruce Perens)
Cc: bruce@Pixar.com, marekm@i17linuxb.ists.pwr.wroc.pl, david@ods.com, debian-user@Pixar.com, Dirk.Eddelbuettel@qed.econ.queensu.ca, whizzard@panther.ucis.dal.ca
Subject: Re: Shadow Passwords
From: david@elo.ods.com (David Engel)
Date: Tue, 6 Feb 1996 22:09:18 -0600 (CST)
Message-id: <[🔎] m0tk1C2-000BioC@elo.ods.com>
In-reply-to: <[🔎] m0ti4Qr-00063SC@mongo.pixar.com> from "Bruce Perens" at Feb 1, 96 11:12:00 am

It looks like I'm getting way behind in my email again. :-(

> I'm not sure if having a separate library for crypt makes your system more
> or less vulnerable to attack. It does make it easier to deploy password
> shadowing, though. David should be in on this discussion as he's currently
> maintaining libc.

FYI, a (probably) not-to-distant future version of ld.so will support
a secure method for preloading ELF shared libraries.  Currently, ld.so
only honors preloading for non-setuid/setgid binaries.  What this
means is that, in theory, it should be possible to create a completely
optional package which installs a library to be preloaded that will
selectively override libc and provide shadow passwords.

David
-- 
David Engel                        Optical Data Systems, Inc.
david@ods.com                      1101 E. Arapaho Road
(214) 234-6400                     Richardson, TX  75081

Reply to:

References:
- Re: Shadow Passwords
  - From: bruce@Pixar.com (Bruce Perens)

Prev by Date: Re: Configuration questions for a Debian/Linux box using PPP.
Next by Date: Re: AcceleratedX and XFree86
Previous by thread: Re: Shadow Passwords
Next by thread: Re: Shadow Passwords
Index(es):
- Date
- Thread