[26] in linux-security and linux-alert archive
Re: Sh*dow Passwords?
daemon@ATHENA.MIT.EDU (lilo)
Mon Mar 6 20:20:50 1995
Date: Mon, 6 Mar 1995 14:51:03 -0600 (CST)
From: lilo <TaRDiS@mail.utexas.edu>
To: linux-security@tarsier.cv.nrao.edu
cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <199503061750.MAA02242@portal.stwing.upenn.edu>
Reply-To: linux-security@tarsier.cv.nrao.edu
On Mon, 6 Mar 1995, Roman Gollent wrote:
> I was wondering if there was ever going to be a move to make sh*dowing
> a standard, ie: Have all distributions come with sh*dowing by
> default. Since there are many other Un*x os that come with sh*dowing
> turned on, why can't the same be done for Linux distributions, or at
> least the popular ones? This isn't a criticism, just an open question.
Several distributors of commercial Linux releases have had some
difficulties with the author of the sh*dow password suite, due to his
licensing requirements, which were designed to maintain personal
control of the suite. He wrote a set of stubs with a GNU license,
suitable for inclusion in the Linux library code, but think by the time
he got to that point everyone had decided that the difficulties of
dealing with him outweighed the benefits.
I would like to see basic password sh*dowing support included in the
Linux libraries (in such a way as to minimize the need to recompile basic
utilities), but personally think it would be best to produce that
functionality independently of John's code, to avoid the arguments we saw
last time around. I don't think there's anything in his code that
couldn't be done cleaner and simpler for inclusion in the Linux libraries.
lilo
