[Pkg-shadow-devel] Bug#505640: Bug#523387: mkpasswd should be removed

Marco d'Itri md at Linux.IT
Thu Apr 9 20:22:40 UTC 2009


severity 523387 wishlist
retitle 523387 needs support for variable-length salts
tag 523387 - security
tag 523387 upstream help
thanks

On Apr 09, Kees Cook <kees at debian.org> wrote:

> While discussing bug 505640, I noticed that "mkpasswd" doesn't really
> belong in the whois package.
It has been there for 10 years now (and cryptpw before then), so I think
we can safely conclude that this has not caused any trouble except a
few bogus bug reports.

> Additionally, the code is buggy and not very random:
> 
>     srand(time(NULL) + getpid());
> 
> This needs to at least use /dev/urandom, or sec+usec as done in shadow.
Initializing the rand(3) seed with the time and maybe the PID is a
common technique.
The result is only used to generate the salt, and I see no reason why
it needs to be cryptographically strong random. Do you?

>   There is also a bug that it does not accept salt smaller than 16 bytes for
>   sha-256 and sha-512. This does not conform to
This was a design choice to keep the initial code simpler and I had no
time so far to improve it, feel free to send a patch.

> I would recommend dropping mkpasswd (potentially in favor of a PAM-based
> tool as discussed in bug 505640).
I have read this bug and I do not understand which additional features
PAM support would provide, but I will consider adding it if you can
provide a good rationale.

-- 
ciao,
Marco
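
The two changes discussed in this message, salt bytes read from /dev/urandom rather than rand(3) and a salt length that may be shorter than 16 characters, sketched in C as an added example. It is not code from mkpasswd, whois or shadow; the function name make_sha_salt and its parameters are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* crypt(3) salt alphabet: exactly 64 characters, so the low 6 bits of a
 * random byte select a character without modulo bias. */
static const char SALT_CHARS[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

#define SHA_SALT_MAX 16   /* SHA-crypt uses at most 16 salt characters */

/* Hypothetical helper: writes "$<id>$<salt>$" into out, where id is '5'
 * (sha-256) or '6' (sha-512) and salt_len is 1..16.
 * Returns 0 on success, -1 on bad arguments or if /dev/urandom fails. */
int make_sha_salt(char *out, size_t outsz, char id, size_t salt_len)
{
    unsigned char raw[SHA_SALT_MAX];
    size_t i;
    FILE *f;

    if (id != '5' && id != '6') return -1;
    if (salt_len < 1 || salt_len > SHA_SALT_MAX) return -1;
    if (outsz < salt_len + 5) return -1;   /* "$N$" + salt + "$" + NUL */

    f = fopen("/dev/urandom", "rb");
    if (!f) return -1;                     /* fail closed, no rand() fallback */
    if (fread(raw, 1, salt_len, f) != salt_len) { fclose(f); return -1; }
    fclose(f);

    out[0] = '$'; out[1] = id; out[2] = '$';
    for (i = 0; i < salt_len; i++)
        out[3 + i] = SALT_CHARS[raw[i] & 0x3f];
    out[3 + salt_len] = '$';
    out[4 + salt_len] = '\0';
    return 0;
}

int main(void)
{
    char salt[SHA_SALT_MAX + 5];

    /* An 8-character salt, shorter than the fixed 16 discussed above. */
    if (make_sha_salt(salt, sizeof salt, '6', 8) != 0) return 1;
    puts(salt);   /* usable as the setting argument to crypt(3) */
    return 0;
}
```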