Path: utzoo!attcan!utgpu!watmath!clyde!att!pacbell!lll-tis!helios.ee.lbl.gov!pasteur!aoki@faerie.Berkeley.EDU
From: aoki@faerie.Berkeley.EDU (Paul M. Aoki)
Newsgroups: comp.unix.wizards
Subject: BSD passwd() [was Re: How to stop future viruses.]
Message-ID: <7311@pasteur.Berkeley.EDU>
Date: 12 Nov 88 05:45:33 GMT
References: <2178@cuuxb.ATT.COM> <778@mailrus.cc.umich.edu> <10835@ulysses.homer.nj.att.com> <10436@eddie.MIT.EDU>
Sender: news@pasteur.Berkeley.EDU
Reply-To: aoki@faerie.Berkeley.EDU (Paul M. Aoki)
Organization: Postgres Research Group, UC Berkeley
Lines: 20

In article <10436@eddie.MIT.EDU> jbs@fenchurch.UUCP (Jeff Siegal) writes:
>In article <10835@ulysses.homer.nj.att.com> smb@ulysses.homer.nj.att.com (Steven M. Bellovin) writes:
>>You don't need to use all 4096 salts; you simply need the ones used
>>on the target system.
>
>It turns out that, due to a (apparent) bug in passwd.c, at least on
>Berkeley systems, only about 400 salts ever get used.
>
>Jeff Siegal

Hmm.  I just pawed over the password file on ernie.berkeley.edu
[ that's right, the place the worm was transmitting its location to ... ]
and found 630 salts for 671 accounts with passwords.  Some of those 
passwords have been there for an awfully long time.

Where did you get this information?
----------------
Paul M. Aoki
CS Division, Dept. of EECS // UCB // Berkeley, CA 94720		(415) 642-1863
aoki@postgres.Berkeley.EDU					...!ucbvax!aoki