This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [RFC] FIPS compliance and other crypt(3) improvements


On Tuesday, September 04, 2012 20:22:22 Alexandre Oliva wrote:
> On Jun  5, 2012, Alexandre Oliva <aoliva@redhat.com> wrote:
> > Me neither.  Exposing any alternate entry point would make room for
> > security-related abuses.
> > 
> > Now, I must confess I'm surprised this FIPS-related restrictions on
> > crypt are being seriously considered for glibc.  I'd have thought
> > we'd privilege POSIX-compliant behavior, pushing FIPS password
> > algorithm rejection to code that uses crypt for actual password
> > checking or modification, rather than for any code that calls crypt
> > for whatever reason (e.g., password crackers).
> > 
> > I've implemented your other suggestions and fixes, thanks!
> 
> Ping?
> 
> I've now updated this patchset (fixed a Makefile conflict and the
> Makefile name in the ChangeLog entry) and pushed to
> lxoliva/crypt-fips-bz811753 (minus ChangeLog entries; they're in git
> logs only).
> 
> Ok for master?

Please post the complete patch set again - and remove the Contributed by 
lines you have in the new files:

+   Contributed by Alexandre Oliva <aoliva@redhat.com>, 2012.

We don't add those anymore for new files.

Thanks,
Andreas
- 
 Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi
  SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
   GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg)
    GPG fingerprint = 93A3 365E CE47 B889 DF7F  FED1 389A 563C C272 A126


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]