Re: Circle & SQL??

From: Daniel Koepke (dkoepke@CALIFORNIA.COM)
Date: 05/11/98

Next message: Daniel Koepke: "Re: [OFF-TOPIC] MAX_PWD_LENGTH (was: Circle & SQL??)"
Previous message: Chris Jacobson: "Re: Circle & SQL??"
Maybe in reply to: The Merciless Lord of everything: "Circle & SQL??"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 11 May 1998, Chris Jacobson wrote:

->On 5/11/98 4:49 PM, Daniel Koepke (dkoepke@CALIFORNIA.COM) stated:
->
->>Which still doesn't matter, because crypt() returns a 13 character
->>long string.  And MAX_PWD_LENGTH is used for the binary files, thus
->>stripping two characters off of the encrypted password.  This is most
->>certainly a security flaw, but not--in all likelihood--a "risk."
->
->correction: 3 characters.  Always need a NULL terminator.  :-)

Correction: CircleMUD does MAX_PWD_LENGTH+1, so there already is room
for a NULL terminator. :)

-dak


     +------------------------------------------------------------+
     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     | http://democracy.queensu.ca/~fletcher/Circle/list-faq.html |
     +------------------------------------------------------------+

Next message: Daniel Koepke: "Re: [OFF-TOPIC] MAX_PWD_LENGTH (was: Circle & SQL??)"
Previous message: Chris Jacobson: "Re: Circle & SQL??"
Maybe in reply to: The Merciless Lord of everything: "Circle & SQL??"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : 12/15/00 PST