Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!samsung!munnari.oz.au!metro!cluster!necisa!boyd
From: boyd@necisa.ho.necisa.oz (Boyd Roberts)
Newsgroups: comp.unix.internals
Subject: Re: Finding Passwords
Message-ID: <1849@necisa.ho.necisa.oz>
Date: 9 Oct 90 04:31:59 GMT
References: <8685@mirsa.inria.fr> <12438:Oct223:00:3290@kramden.acf.nyu.edu> <651@puck.mrcu> <21948:Oct606:29:2890@kramden.acf.nyu.edu> <52347@brunix.UUCP> <BZS.90Oct6191703@world.std.com> <1990Oct7.155203.13283@hq.demos.su>
Organization: NEC Information Systems Australia Pty. Ltd.
Lines: 20

In article <1990Oct7.155203.13283@hq.demos.su> avg@hq.demos.su (Vadim G. Antonov) writes:
>
>	Seems to me an appropriate hack is about 20 lines in a kernel
>	and getty.
>

`Hack' is the right word.  Sure, you could `hack' all sorts of mess into
the kernel/getty/login but it wouldn't be UNIX.  The machine is supposed
to allow you to get things done.  The kernel should not be cluttered with
junk to cope with paranoid end cases.  The problem with these `hacks' is
that they're more easily implemented than fixing the `problem' the right way.

The semantics are always wrong and your 20 line `hack' may well turn out
to be a serious problem.  Think about the problem.  Solve the problem.
Code the algorithm.  Because it's simple and `cheap' doesn't mean it's right.


Boyd Roberts			boyd@necisa.ho.necisa.oz.au

``When the going gets wierd, the weird turn pro...''