07-06-2009
I would also like to add that, at least for me personally and speaking in sweeping generalities which I don't like to do; I feel less secure with "closed code" than "open code".
For me, I can easily trust what I can see. I can search open code more easily (and look for problems) than I can search a binary or encrypted code like encrypted PHP (which I cannot search at all).
Recently, I refused to install encrypted PHP on a web site for that exact reason. I do not trust code I cannot see and see no reason to install encrypted PHP code when I can find open alternatives.
As I mentioned before, I don't normally like to respond to generalizations without context, so I am simply providing my personal opinion, and that is that I (my personal opinion) feel more secure when I can examine the code, grep it, search it, add debug statements, etc.
6 More Discussions You Might Find Interesting
1. Post Here to Contact Site Administrators and Moderators
This is a slick looking forum. Any chance on making the code for the forum open source? (1 Reply)
Discussion started by: ecupirate1998
1 Replies
2. IP Networking
Hello there,
I wanted to know the members' opinion about the best open source network management software which uses a web browser to show its interface and results.
I am interested in the software for both windows and Linux OSs.
Thanks. (4 Replies)
Discussion started by: Jawwad
4 Replies
3. UNIX for Dummies Questions & Answers
Hello
What is the best open source anti virus?
Thanks (4 Replies)
Discussion started by: mohammadmahdi
4 Replies
4. UNIX for Dummies Questions & Answers
Hello
what is the best open source antispam?
Thanks http://www.linuxforums.org/forum/images/smilies/icon_smile.gif (1 Reply)
Discussion started by: mohammadmahdi
1 Replies
5. Shell Programming and Scripting
Hi Friends
I'm new to this UNIX - I'm working on the porting project from Solaris To Linux i just want to map some commands from solaris to Linux so can any one please tell me how to get the source code of the commands like "ls", "cu", "du"
Regards
sabee (1 Reply)
Discussion started by: sabee.prakash
1 Replies
6. Fedora
Hi everyone,
I know the following questions are noobish questions but I am asking them because I am confused about the basics of history behind UNIX and LINUX.
Ok onto business, my questions are-:
Was/Is UNIX ever an open source operating system ?
If UNIX was... (21 Replies)
Discussion started by: sreyan32
21 Replies
LEARN ABOUT MINIX
pwdauth
PWDAUTH() PWDAUTH()
NAME
pwdauth - password authentication program
SYNOPSIS
/usr/lib/pwdauth
DESCRIPTION
Pwdauth is a program that is used by the crypt(3) function to do the hard work. It is a setuid root utility so that it is able to read the
shadow password file.
Pwdauth expects on standard input two null terminated strings, the password typed by the user, and the salt. That is, the two arguments of
the crypt function. The input read in a single read call must be 1024 characters or less including the nulls. Pwdauth takes one of two
actions depending on the salt.
If the salt has the form "##user" then the user is used to index the shadow password file to obtain the encrypted password. The input
password is encrypted with the one-way encryption function contained within pwdauth and compared to the encrypted password from the shadow
password file. If equal then pwdauth returns the string "##user" with exit code 0, otherwise exit code 2 to signal failure. The string
"##user" is also returned if both the shadow password and the input password are null strings to allow a password-less login.
If the salt is not of the form "##user" then the password is encrypted and the result of the encryption is returned. If salt and password
are null strings then a null string is returned.
The return value is written to standard output as a null terminated string of 1024 characters or less including the null.
The exit code is 1 on any error.
SEE ALSO
crypt(3), passwd(5).
NOTES
A password must be checked like in this example:
pw_ok = (strcmp(crypt(key, pw->pw_passwd), pw->pw_passwd) == 0);
The second argument of crypt must be the entire encrypted password and not just the two character salt.
AUTHOR
Kees J. Bot (kjb@cs.vu.nl)
PWDAUTH()