- From: Mary Ellen Zurko <zurko@osf.org>
- Date: Thu, 2 Feb 95 8:55:52 EST
- To: John Franks <john@math.nwu.edu>
- Cc: www-security@ns2.rutgers.edu, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com, Me <zurko@osf.org>
> only MD5 (which is exportable). Have a KEY known only to the server
> and password management utilities. In the password file store [...]
> The salt must change whenever the user changes password. Someone
> reading the password file cannot decrypt the password without knowing
> KEY.

Having the KEY only helps if it's less easy to access than the password files (for the threat you point out). So, how does the server know the KEY? It's in a .conf file somewhere, or it's input on startup. If it's really a key and not a password, the latter will never fly. And actually, if given an option, most sites would take the .conf file anyway. Which would mean it was only in memory. Reading memory on a multi-user machine may be slightly harder to do than reading a protected file, but the threats are pretty close.

Mez
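An added example, not part of the thread, of the keyed, salted MD5 scheme quoted above in Python: it assumes HMAC-MD5 over salt and password as the construction (the quote elides the exact one) and a constructed SERVER_KEY, and shows that a password-file record cannot be checked without that KEY, which is the value the reply argues still has to live somewhere the server can read it.

```python
import hashlib
import hmac
import os

# Constructed server-side KEY (an assumption for this example). In the quoted
# scheme it is known only to the server and the password utilities and is never
# written into the password file.
SERVER_KEY = b"constructed-server-key"


def make_entry(password: str, key: bytes = SERVER_KEY) -> dict:
    """Build one password-file record: a fresh salt plus a keyed MD5 digest.

    Assumed construction: HMAC-MD5(KEY, salt || password). A new salt is drawn on
    every call, so re-running this on a password change satisfies the quoted
    requirement that the salt change with the password. Only salt and digest
    are stored; KEY is not.
    """
    salt = os.urandom(8)
    mac = hmac.new(key, salt + password.encode(), hashlib.md5).hexdigest()
    return {"salt": salt.hex(), "digest": mac}


def verify(password: str, entry: dict, key: bytes = SERVER_KEY) -> bool:
    """Check a login attempt against a stored record.

    Recomputing the digest needs the same KEY, so someone holding only the
    password file (salt and digest) cannot confirm a candidate password.
    """
    salt = bytes.fromhex(entry["salt"])
    mac = hmac.new(key, salt + password.encode(), hashlib.md5).hexdigest()
    return hmac.compare_digest(mac, entry["digest"])
```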
Received on Thursday, 2 February 1995 05:59:40 UTC