On 21 Jul 2001, Dale Southard wrote:

> Sshd should probably be constraining its match to the length of the
> crypt() output rather than the length of the password file entry. [I
> say ``probably'' here because some systems (AIX) seem to produce null
> password file hashes when `passwd` is given a null password. If that
> behavior is due to the underlying crypt() function, then the
> ``probably'' suggestion I just made yields remote root on those
> systems.]

What's wrong with just using `strcmp' (i.e. no constraint at all)? After all, what you want to know is just whether the two strings are identical, period. And unless crypt() and /etc/shadow are both broken, it will stop at the right place.

I realize it goes against the reflexive "only strn* functions are safe" idea, but that shouldn't substitute for thinking...

--
Nate Eldredge
neldredgeat_private
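The two comparison strategies the thread contrasts, as an added illustration that is not part of the original message or of any sshd source: a match bounded by the length of the password-file field, and a full-string match. The hash strings are constructed placeholders standing in for crypt() output and a password-file entry; they are not real hashes from any system, and the explicit rejection of an empty stored field in `match_exact` is an added guard, not something either poster proposes.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample values.  CRYPT_OUTPUT stands in for what crypt()
 * returns for the password the user typed; the STORED_* strings stand
 * in for the hash field read from the password file. */
static const char *CRYPT_OUTPUT  = "$1$abcdefgh$0123456789abcdefghijkl";
static const char *STORED_MATCH  = "$1$abcdefgh$0123456789abcdefghijkl";
static const char *STORED_OTHER  = "$1$abcdefgh$zzzzzzzzzzzzzzzzzzzzzz";
static const char *STORED_PREFIX = "$1$abcdefgh$";   /* truncated field */
static const char *STORED_EMPTY  = "";               /* null hash field */

/* Comparison bounded by the length of the password-file entry.
 * strncmp() stops after strlen(stored) bytes, so a stored field that is
 * empty compares zero bytes and "matches" anything, and a stored field
 * that is a prefix of the crypt() result also matches. */
int match_bounded_by_stored(const char *crypt_out, const char *stored)
{
    return strncmp(crypt_out, stored, strlen(stored)) == 0;
}

/* Full-string comparison: both strings must agree byte for byte up to
 * and including the terminating NUL, so neither an empty nor a truncated
 * stored field can equal a complete crypt() result.  The empty-field
 * check is an added guard that makes the policy explicit. */
int match_exact(const char *crypt_out, const char *stored)
{
    if (stored[0] == '\0')
        return 0;
    return strcmp(crypt_out, stored) == 0;
}

int main(void)
{
    const char *cases[] = { STORED_MATCH, STORED_OTHER, STORED_PREFIX, STORED_EMPTY };
    const char *names[] = { "matching hash", "different hash", "prefix only", "empty field" };
    size_t i;

    printf("%-15s %-8s %-8s\n", "stored field", "bounded", "exact");
    for (i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        printf("%-15s %-8d %-8d\n", names[i],
               match_bounded_by_stored(CRYPT_OUTPUT, cases[i]),
               match_exact(CRYPT_OUTPUT, cases[i]));
    }
    return 0;
}
```

The table the program prints shows the bounded comparison accepting the empty and prefix-only fields while the full comparison rejects both; only the genuinely matching hash is accepted by both.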
This archive was generated by hypermail 2b30 : Mon Jul 23 2001 - 10:06:24 PDT