Date: Wed, 22 Sep 1999 09:52:50 +0400 From: Dmitrij Tejblum <tejblum@arc.hq.cti.ru> To: nate@mt.sri.com (Nate Williams) Cc: Dmitrij Tejblum <tejblum@arc.hq.cti.ru>, Mark Murray <mark@grondar.za>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/secure/lib/libcrypt Makefile src/lib/libcrypt Makefile Message-ID: <199909220552.JAA00506@tejblum.pp.ru> In-Reply-To: Your message of "Tue, 21 Sep 1999 21:27:42 MDT." <199909220327.VAA11157@mt.sri.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Nate Williams wrote: > No, you'd rather everyone be confused as to *which* version of > libcrypt.so.1 is the correct version? With your solution, there could > be *dozens* of files with the same name that are very different from one > another, and only the 'latest' version is correct. This is normal for every program in the system. You don't have a version number on cat(1) or login(1). This is normal for shared libraries as well. Version number on a shared library is only a something about binary compatibility, it has nothing to do with the feature set or somesuch. > That portion of your commit was wrong, in that it violates POLA. Yes, > it's more work for you, but that's the price *YOU* pay for tracking a > system that is in constant development. Oh. Note: there is only one password database in your machine. An user ask the question: "Can I use SHA1-encrypted passwords in the password database?" My answer (it is also in docs): "Yes you can." This answer is plain and simple, but break POLA. Your answer: "There is a lot of programs that autheticate users against the password database. If an user has an SHA1-encrypted password, some program will mistakely reject passwords of such users. To determine if a program can handle SHA1-encrypted password, you can run ldd on it, like this: ldd /usr/local/sbin/sshd. If ldd show libcrypt.so.3, the program will work with SHA1-encrypted passwords. If it show libcrypt.so.2, the program will not work wuth SHA1-encrypted password." This answer does not break POLA, and will confuse noone, right?. The POLA is not broken even if I changed my password and then noticed that I can login from console but cannot login via ssh. I am the only one confused here, everyone else would just run ldd and know beforehand. Cool. Please remind me, what is POLA? Dima To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909220552.JAA00506>