[illumos-Developer] [REVIEW] 1222, 1223, 1224 -- strconst fixes for crypt, catman, lp
Garrett D'Amore
garrett at nexenta.com
Tue Jul 19 00:45:00 PDT 2011
EOF'ing crypt(1) seems like a fine idea to me, but I do worry that there are real consumers (web applications?!?) that might use it.
-- Garrett D'Amore
On Jul 18, 2011, at 6:20 PM, "Richard Lowe" <richlowe at richlowe.net> wrote:
> Hey all, I'd like review for:
>
> 1222 crypt may modify constant data
> 1223 catman may modify constant data
> 1224 lp may overwrite constant data
>
> webrev:
>
> http://richlowe.net/webrevs/il_1222/
>
> Note that there are undoubtedly many more issues within cmd/lp, especially.
> Albert, you requested the lp option fixes be done this way, so it'd be
> nice to get your review of that.
>
> I would also like to solicit opinion on a possible EOF of crypt(1) in
> a followup bug. Anyone wishing for real encryption should use
> something stronger (encrypt(1), gnupg), I hope this has been known for
> sufficiently long that crypt(1) has no actual consumers (though due to
> its nature, it's not like one _really_ needs a crypt binary to recover
> the plaintext...)
>
> Relevant standards specify crypt(3C) but not crypt(1), crypt(3C)
> would, of course, be left intact.
>
> -- Rich
>
> _______________________________________________
> Developer mailing list
> Developer at lists.illumos.org
> http://lists.illumos.org/m/listinfo/developer
More information about the Developer
mailing list