[haiku-bugs] Re: [Haiku] #4812: Screen Saver 'Password lock' security weakness

• From: "stimut" <trac@xxxxxxxxxxxx>
• Date: Tue, 26 Jan 2010 04:09:34 -0000

#4812: Screen Saver 'Password lock' security weakness
-------------------------------------+--------------------------------------
 Reporter:  olaf                     |       Owner:  axeld         
     Type:  bug                      |      Status:  new           
 Priority:  normal                   |   Milestone:  R1            
Component:  Preferences/ScreenSaver  |     Version:  R1/Development
 Keywords:                           |   Blockedby:                
 Platform:  All                      |    Blocking:                
-------------------------------------+--------------------------------------

Comment(by stimut):

 This is due to the posix compliant implementation of crypt(3) in libroot
 which correctly truncates the password to 8 characters.

 There is a libcrypt implementation in the sources which allows an
 arbitrary length password (as well as supporting better hash algorithms
 such as md5 and blowfish - we currently uses DES), but I don't know enough
 about the build system to know how to use it.

-- 
Ticket URL: <http://dev.haiku-os.org/ticket/4812#comment:1>
Haiku <http://dev.haiku-os.org>
Haiku - the operating system.

Other related posts:

• » [haiku-bugs] Re: [Haiku] #4812: Screen Saver 'Password lock' security weakness - stimut
• » [haiku-bugs] Re: [Haiku] #4812: Screen Saver 'Password lock' security weakness- pulkomandy
• » [haiku-bugs] Re: [Haiku] #4812: Screen Saver 'Password lock' security weakness- i80and
• » [haiku-bugs] Re: [Haiku] #4812: Screen Saver 'Password lock' security weakness- waddlesplash

1. Home
2. haiku-bugs
3. Archive
4. 01-2010

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---