[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[patch #1800] [Patch #1800] clean up some more crypt() things in idvec-v
From: |
noreply |
Subject: |
[patch #1800] [Patch #1800] clean up some more crypt() things in idvec-verify.c |
Date: |
Fri, 08 Aug 2003 16:12:22 -0400 |
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3) Gecko/20030313 |
Patch #1800 has been updated.
Project:
Category: libshouldbeinlibc
Status: Open
Summary: clean up some more crypt() things in idvec-verify.c
Follow-Ups:
Date: Wed 08/06/2003 at 11:48
By: jeroen
Comment:
We don't have to make crypt() weak nor check whether crypt() exist because it's
always in glibc now.
-------------------------------------------------------
Date: Wed 08/06/2003 at 13:07
By: marcus
Comment:
Right. I have committed this change. Thanks!
-------------------------------------------------------
Date: Thu 08/07/2003 at 00:13
By: marcus
Comment:
I have reverted this change. Shame on you because you didn't test it (and
shame on me for not testing it either, nor asking you if you did).
The pragma is necessary because not all programs linked to libshouldbeinlibc
should also be linked to crypt.
The allowance for a missing crypt is not necessary anymore. But I reverted
that change as well for now, because the code
would segfault otherwise if crypt happened not to be linked in by accident. A
modified patch that disables plaintext passwords (which don't make much sense
today anymore, I think), would be ok, assuming it is properly tested.
-------------------------------------------------------
Date: Fri 08/08/2003 at 20:55
By: jeroen
Comment:
I uploaded a new patch, this will return ENOTSUP when crypt is not available
instead of using plain-text passwords. I tested it and it works fine.
-------------------------------------------------------
Date: Fri 08/08/2003 at 22:12
By: marco_g
Comment:
I have some serious doubt about this piece of code anyway. IMHO we shouldn't
touch this unless we are really sure about the consequences. Is it for exmple
possible that crypt isn't defined (or better returns ENOSYS) because of crypt
import/export restrictions?
And I think it is better to have plain text passwords than nothing at all.
Perhaps if crypt isn't available the password should be ignored and the used
can login (or root can login...). See how other parts of libshouldbeinlibc deal
with a missing root user in /etc/passwd.
-------------------------------------------------------
-------------------------------------------------------
For more info, visit:
http://savannah.gnu.org/patch/?func=detailpatch&patch_id=1800&group_id=30
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
- [patch #1800] [Patch #1800] clean up some more crypt() things in idvec-verify.c, noreply, 2003/08/06
- [patch #1800] [Patch #1800] clean up some more crypt() things in idvec-verify.c, noreply, 2003/08/06
- [patch #1800] [Patch #1800] clean up some more crypt() things in idvec-verify.c, noreply, 2003/08/06
- [patch #1800] [Patch #1800] clean up some more crypt() things in idvec-verify.c, noreply, 2003/08/06
- [patch #1800] [Patch #1800] clean up some more crypt() things in idvec-verify.c, noreply, 2003/08/08
- [patch #1800] [Patch #1800] clean up some more crypt() things in idvec-verify.c,
noreply <=
- [patch #1800] [Patch #1800] clean up some more crypt() things in idvec-verify.c, noreply, 2003/08/09