#12365: password generation must be more secured
---------------------------+---------------------------------------
Reporter: eanyx | Owner: nobody
Type: enhancement | Status: new
Priority: critical | Milestone: Unscheduled
Component: System | Version: R1/Development
Resolution: | Keywords: hash password /etc/shadow
Blocked By: | Blocking:
Has a Patch: 1 | Platform: All
---------------------------+---------------------------------------
Comment (by axeld):
We don't have to follow POSIX by the word; we already have quite a few
functions that deviate from the standard, and, for example, accept NULL as
an argument where POSIX states otherwise.
As long as it's an addition, and doesn't affect programs that follow the
POSIX standard, I fail to see any problems; the code we have now is not
portable in either case; when using on another system, it may choke on a
NULL salt, or misses the crypt_gensalt() function.
IOW I don't think we need that separation, and clobber the global
namespace. If v4 and v5 are otherwise identical, I'd prefer to apply v4.
--
Ticket URL: <https://dev.haiku-os.org/ticket/12365#comment:16>
Haiku <https://dev.haiku-os.org>
Haiku - the operating system.
