[Buildroot] [PATCH] busybox: use md5 as default password algorithm
Peter Korsgaard
peter at korsgaard.com
Thu Mar 10 20:01:26 UTC 2016
>>>>> "Gustavo" == Gustavo Zacarias <gustavo at zacarias.com.ar> writes:
> DES is terribly outdated and a security vulnerability.
> Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
> ---
> package/busybox/busybox.config | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
> diff --git a/package/busybox/busybox.config b/package/busybox/busybox.config
> index 2cf989d..693b9d2 100644
> --- a/package/busybox/busybox.config
> +++ b/package/busybox/busybox.config
> @@ -496,7 +496,7 @@ CONFIG_PASSWD=y
> CONFIG_FEATURE_PASSWD_WEAK_CHECK=y
> # CONFIG_CRYPTPW is not set
> # CONFIG_CHPASSWD is not set
> -CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="des"
> +CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="md5"
So this is what is used when you change password through the busybox
passwd applet or create a new user, right?
Shouldn't we instead tweak this based on BR2_TARGET_GENERIC_PASSWD_*?
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list