Security for UNIX ... looking for crypt() ...
Doug Gwyn
gwyn at smoke.BRL.MIL
Tue Jun 12 16:50:37 AEST 1990
In article <56 at raysnec.UUCP> shwake at raysnec.UUCP (Ray Shwake) writes:
>>I'm searching for the original C-source of the crypt()-routine
>>which crypts the passwords for /etc/passwd.
>The export of encryption technology is covered by law and regulation
>with the intent that it not fall into the "wrong hands".
>Not only is the source code to crypt covered by these restrictions, one
>can not even export the BINARIES except to certain countries, ...
Of course this neglects some relevant facts:
crypt() is just DES with a minor tweak.
DES has been published.
crypt() has been described in technical journals.
Public-domain reimplementations of crypt() are available.
UNIX crypt() used to be shipped unrestricted before
the lawyers got involved and started to worry about it.
The export control concerns are solely due to legal considerations
and government bureaucracy, not because anyone is seriously worried
about crypt() "falling into the wrong hands".
More information about the Comp.unix.questions
mailing list