Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!usc!snorkelwacker!spdcc!merk!alliant!linus!chance!ccel
From: ccel@chance.uucp (CCEL)
Newsgroups: comp.unix.questions
Subject: Re: Passwords and salts
Message-ID: <88350@linus.UUCP>
Date: 11 Jan 90 14:24:27 GMT
References: <85606@linus.UUCP> <1974@syma.sussex.ac.uk>
Sender: news@linus.UUCP
Reply-To: ccel@chance.UUCP (CCEL)
Organization: MITRE-McLean Software Engineering Laboratory
Lines: 20

In article <1974@syma.sussex.ac.uk> andy@syma.sussex.ac.uk (Andy Clews) writes:
>From article <85606@linus.UUCP>, by rtidd@mwunix.mitre.org (Randy Tidd):
>> To be responsible, I would be reluctant to distribute the source to
>> anyone who is NOT a system administrator on their machine.
>
>Hmm, so how do you propose to check this? Will you believe anyone who just
>says "I am a system administrator" in their message?

A couple other people pointed this out, but in this case the code was
so simple that it didn't warrant too much "security"... it's not like
it was a fantabulous cracking algorithm developed in the bowels of MIT
or something.

If I wanted to be sure to send it to a system admin, I could just ask
that the people send me mail as root. But even this isn't failsafe. Ah
well...

Randy Tidd
rtidd@mwunix.mitre.org
#define DISCLAIM TRUE