1996-11-17 - Re: RFC: A UNIX crypt(3) replacement
Header Data
From: Dave Kinchlea <security@kinch.ark.com>
To: The Deviant <deviant@pooh-corner.com>
Message Hash: cae7a9037f5fef60efc1f93026f760a5b99f74a5c758a12c50f8c4115435b1c9
Message ID: <Pine.LNX.3.95.961117141640.1181M-100000@kinch.ark.com>
Reply To: <Pine.LNX.3.94.961117215609.504A-100000@random.sp.org>
UTC Datetime: 1996-11-17 22:18:42 UTC
Raw Date: Sun, 17 Nov 1996 14:18:42 -0800 (PST)
Raw message
From: Dave Kinchlea <security@kinch.ark.com>
Date: Sun, 17 Nov 1996 14:18:42 -0800 (PST)
To: The Deviant <deviant@pooh-corner.com>
Subject: Re: RFC: A UNIX crypt(3) replacement
In-Reply-To: <Pine.LNX.3.94.961117215609.504A-100000@random.sp.org>
Message-ID: <Pine.LNX.3.95.961117141640.1181M-100000@kinch.ark.com>
MIME-Version: 1.0
Content-Type: text/plain
On Sun, 17 Nov 1996, The Deviant wrote:
>
> Oh.. you misunderstand what I'm saying... I'm not saying its unemportant
> for you to have good passwords or anything like that, I'm just pointing
> out that rather than replace the entire system, its more prudent to fully
> install it.
>
> I still think admins should run crack against their own lists, etc., but
> that still shouldn't be a problem to a good cracker. If you've just
> gotten root on a system, you start backdooring everything, not trying to
> crack the password list.
Well, this certainly *IS* a different statement than I read from you
before. I don't find anything to disagree with here. Though, if your
passwords can't be cracked, what is the need for shadow passwords? It
simply introduces more variables and offers no more security.
cheers
Thread
Return to November 1996
- Return to “Adam Shostack <adam@homeport.org>”
- Return to “Dave Kinchlea <security@kinch.ark.com>”
- Return to ““Joshua E. Hill” <jehill@w6bhz.calpoly.edu>”
Return to “The Deviant <deviant@pooh-corner.com>”
- 1996-11-17 (Sat, 16 Nov 1996 20:57:41 -0800 (PST)) - RFC: A UNIX crypt(3) replacement - “Joshua E. Hill” <jehill@w6bhz.calpoly.edu>
- 1996-11-17 (Sun, 17 Nov 1996 06:21:58 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - The Deviant <deviant@pooh-corner.com>
- 1996-11-17 (Sun, 17 Nov 1996 06:35:40 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - Adam Shostack <adam@homeport.org>
- 1996-11-17 (Sun, 17 Nov 1996 09:28:56 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - The Deviant <deviant@pooh-corner.com>
- 1996-11-17 (Sun, 17 Nov 1996 09:37:09 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - Adam Shostack <adam@homeport.org>
- 1996-11-17 (Sun, 17 Nov 1996 13:37:45 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - Dave Kinchlea <security@kinch.ark.com>
- 1996-11-17 (Sun, 17 Nov 1996 14:01:00 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - The Deviant <deviant@pooh-corner.com>
- 1996-11-17 (Sun, 17 Nov 1996 14:18:42 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - Dave Kinchlea <security@kinch.ark.com>
- 1996-11-17 (Sun, 17 Nov 1996 14:23:35 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - The Deviant <deviant@pooh-corner.com>
- 1996-11-17 (Sun, 17 Nov 1996 14:52:58 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - Dave Kinchlea <security@kinch.ark.com>
- 1996-11-17 (Sun, 17 Nov 1996 14:23:35 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - The Deviant <deviant@pooh-corner.com>
- 1996-11-17 (Sun, 17 Nov 1996 14:18:42 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - Dave Kinchlea <security@kinch.ark.com>
- 1996-11-17 (Sun, 17 Nov 1996 14:01:00 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - The Deviant <deviant@pooh-corner.com>
- 1996-11-17 (Sun, 17 Nov 1996 09:28:56 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - The Deviant <deviant@pooh-corner.com>
- 1996-11-17 (Sun, 17 Nov 1996 06:35:40 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - Adam Shostack <adam@homeport.org>
- 1996-11-17 (Sun, 17 Nov 1996 06:21:58 -0800 (PST)) - Re: RFC: A UNIX crypt(3) replacement - The Deviant <deviant@pooh-corner.com>