[nSLUG] Crypt in Perl
D G Teed
donald.teed at gmail.com
Wed Jan 7 23:53:55 AST 2009
On Wed, Jan 7, 2009 at 10:03 PM, Daniel Morrison <draker at gmail.com> wrote:
> 2009/1/7 D G Teed <donald.teed at gmail.com>:
> > You must have mistaken me for a web developer. I'm just
> > a Sysadmin, trying not to cause discomfort for users.
> > We are after seamless changes here, not announcements
> > that everyone needs to change their password (that is
> > what they would expect of phishers anyway).
> Not at all! I was merely pointing out where George mentioned the
> recommendation from Python docs to use the full crypted password as a
> Moreover, from the glibc manual:
> "To verify a password against the result of a previous call to crypt,
> pass the result of the previous call as the salt."
I don't need to rewrite the app, merely migrate it.
End of story. If I was making an application, I wouldn't use
this anyway - I'd either have something with a database and md5,
or use LDAP/AD/pam for auth. Features like account maintenance
and expiry are missing from something as basic as flat files.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nSLUG