Latest change in correct_password.c
Denis Vlasenko
vda.linux at googlemail.com
Thu Jun 14 21:48:59 UTC 2007
On Thursday 14 June 2007 22:02, Tito wrote:
> Hi to all,
> I've notice a change in correct_password.c, that makes me worry.
>
> /* fake salt. crypt() can choke otherwise.
> * (bb_banner's first two chars are letters and thus are valid salt) */
> correct = bb_banner;
>
> IMHO to mix up things like the bb_banner and a password entry
> seems as looking for trouble as nobody changing the bb_banner
> in the future will suspect such a connection.
> Maybe one day in some particular build bb_banner will be changed to ""
> or to who knows what...
> Couldn't we use something more orthodox here as:
>
> correct = "xxx";
>
> or something similar.
> Just my 2 euro cents.
http://busybox.net/bugs/view.php?id=1383
I vote for "xx" :)
--
vda
More information about the busybox
mailing list