[33] in linux-security and linux-alert archive
Re: Sh*dow Passwords?
daemon@ATHENA.MIT.EDU (Daniel Hollis)
Tue Mar 7 03:56:38 1995
From: dhollis@hq.jcic.org (Daniel Hollis)
To: linux-security@tarsier.cv.nrao.edu
Date: Mon, 6 Mar 1995 20:19:18 -0800 (PST)
In-Reply-To: <Pine.LNX.3.91.950306144339.5297A-100000@slip-9-12.ots.utexas.edu> from "lilo" at Mar 6, 95 02:51:03 pm
Reply-To: linux-security@tarsier.cv.nrao.edu
[Mod: excessive quoting trimmed. --okir]
> On Mon, 6 Mar 1995, Roman Gollent wrote:
> I would like to see basic password sh*dowing support included in the
> Linux libraries (in such a way as to minimize the need to recompile basic
> utilities), but personally think it would be best to produce that
> functionality independently of John's code, to avoid the arguments we saw
> last time around. I don't think there's anything in his code that
> couldn't be done cleaner and simpler for inclusion in the Linux libraries.
Yes, this would be very nice. Rewrite the shadow suite from scratch, GPL the
whole damned thing, and tell John to shove it. The current shadow package
is a monster, there is no reason it can't be 1/2 to 1/3 the size it
currently is.
Does anyone know of weaknesses in the shadow package? Shortcomings? It
would be a chance to correct them, if any -- and have a freely
redistributable shadow package.
-Dan
