Date: Tue, 15 Jun 1999 01:34:14 -0600
From: Warner Losh <imp@harmony.village.org>
To: Dag-Erling Smorgrav <des@flood.ping.uio.no>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: DES & MD5?
Message-ID: <199906150734.BAA91097@harmony.village.org>
In-Reply-To: Your message of "15 Jun 1999 09:22:08 +0200." <xzp7lp6exnj.fsf@flood.ping.uio.no>
References: <xzp7lp6exnj.fsf@flood.ping.uio.no> <Pine.OSF.4.10.9906151628010.1783-100000@bragg>
In message <xzp7lp6exnj.fsf@flood.ping.uio.no> Dag-Erling Smorgrav writes:
: Always assume the bad guys have your password files.

While this is a good assumption for planning purposes, it has limits. If your password file can be disclosed, chances are very good that any other file on your system can be disclosed. Generally speaking, this is a really bad thing, almost as bad as being able to replace any file in the system. This line of reasoning does implicitly assume that the files aren't shared via a non-encrypted channel.

This does point out the limits of "secret" passwords. Public key/private key authentication systems can make things more secure. However, they are ill suited to hardwired terminals since people are generally not as good as computers at computing signatures needed for this sort of thing.

Warner