Re: It's not possible to allow non-OPIE logins only from trusted
RW <rwmaillists@googlemail.com> writes:
> Dag-Erling Sm=C3=B8rgrav <des@des.no> writes:
> > RW <rwmaillists@googlemail.com> writes:
> > > IIRC there is/was a weakness in FreeBSD's OPIE implementation in
> > > that it's susceptible to rainbow table attacks - I think part of
> > > the hash is discarded.
> > Can you provide more details?
> http://lists.freebsd.org/pipermail/freebsd-security/2009-February/005114.=
html
Heh :)
My first comment was a reference to the quality of the code, not the
design. My second comment is basically the same thing I just said - we
cannot change this without breaking compatibility.
DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 24 之 26 篇):