Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: is open source more secure ?
Special Forums Cybersecurity is open source more secure ? Post 302331526 by Neo on Monday 6th of July 2009 12:38:25 PM
Old 07-06-2009
I would also like to add that, at least for me personally and speaking in sweeping generalities which I don't like to do; I feel less secure with "closed code" than "open code".

For me, I can easily trust what I can see. I can search open code more easily (and look for problems) than I can search a binary or encrypted code like encrypted PHP (which I cannot search at all).

Recently, I refused to install encrypted PHP on a web site for that exact reason. I do not trust code I cannot see and see no reason to install encrypted PHP code when I can find open alternatives.

As I mentioned before, I don't normally like to respond to generalizations without context, so I am simply providing my personal opinion, and that is that I (my personal opinion) feel more secure when I can examine the code, grep it, search it, add debug statements, etc.
 

6 More Discussions You Might Find Interesting

1. Post Here to Contact Site Administrators and Moderators

open source for the forum

This is a slick looking forum. Any chance on making the code for the forum open source? (1 Reply)
Discussion started by: ecupirate1998
1 Replies

2. IP Networking

Open Source NMS

Hello there, I wanted to know the members' opinion about the best open source network management software which uses a web browser to show its interface and results. I am interested in the software for both windows and Linux OSs. Thanks. (4 Replies)
Discussion started by: Jawwad
4 Replies

3. UNIX for Dummies Questions & Answers

open source antivirus

Hello What is the best open source anti virus? Thanks (4 Replies)
Discussion started by: mohammadmahdi
4 Replies

4. UNIX for Dummies Questions & Answers

what is the best open source antispam?

Hello what is the best open source antispam? Thanks http://www.linuxforums.org/forum/images/smilies/icon_smile.gif (1 Reply)
Discussion started by: mohammadmahdi
1 Replies

5. Shell Programming and Scripting

Open Source

Hi Friends I'm new to this UNIX - I'm working on the porting project from Solaris To Linux i just want to map some commands from solaris to Linux so can any one please tell me how to get the source code of the commands like "ls", "cu", "du" Regards sabee (1 Reply)
Discussion started by: sabee.prakash
1 Replies

6. Fedora

Is UNIX an open source OS ?

Hi everyone, I know the following questions are noobish questions but I am asking them because I am confused about the basics of history behind UNIX and LINUX. Ok onto business, my questions are-: Was/Is UNIX ever an open source operating system ? If UNIX was... (21 Replies)
Discussion started by: sreyan32
21 Replies

LEARN ABOUT MINIX

pwdauth

PWDAUTH()																 PWDAUTH()

NAME

       pwdauth - password authentication program

SYNOPSIS

       /usr/lib/pwdauth

DESCRIPTION

       Pwdauth is a program that is used by the crypt(3) function to do the hard work.	It is a setuid root utility so that it is able to read the
       shadow password file.

       Pwdauth expects on standard input two null terminated strings, the password typed by the user, and the salt.  That is, the two arguments of
       the  crypt  function.   The input read in a single read call must be 1024 characters or less including the nulls.  Pwdauth takes one of two
       actions depending on the salt.

       If the salt has the form "##user" then the user is used to index the shadow password file to obtain  the  encrypted  password.	The  input
       password  is encrypted with the one-way encryption function contained within pwdauth and compared to the encrypted password from the shadow
       password file.  If equal then pwdauth returns the string "##user" with exit code 0, otherwise exit code 2 to signal  failure.   The  string
       "##user" is also returned if both the shadow password and the input password are null strings to allow a password-less login.

       If  the salt is not of the form "##user" then the password is encrypted and the result of the encryption is returned.  If salt and password
       are null strings then a null string is returned.

       The return value is written to standard output as a null terminated string of 1024 characters or less including the null.

       The exit code is 1 on any error.

SEE ALSO

       crypt(3), passwd(5).

NOTES

       A password must be checked like in this example:

	      pw_ok = (strcmp(crypt(key, pw->pw_passwd), pw->pw_passwd) == 0);

       The second argument of crypt must be the entire encrypted password and not just the two character salt.

AUTHOR

       Kees J. Bot (kjb@cs.vu.nl)

																	 PWDAUTH()
All times are GMT -4. The time now is 06:47 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy