If ever there's a security issue about logging password... to check double
account or whatever...
Maybe, it could be smart instead of logging "plain text password" to
download from the net a crypt function "DES encryption" (.c code) and hack
it up to: You remove the part of the code that assign a random salt to the
encryption... instead, you make it to use a fixed salt.. You would be able
to compare those encrypted password :) Then you compile your MUD using that
.o file... so, you won't compromise your own system ;-) ; And, players would
be happy to keep their password private :)
Or even easier, but maybe less secure.. it could be possible to log some
kind of password in 32bits CRC.
Castillo
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
+------------------------------------------------------------+
| Ensure that you have read the CircleMUD Mailing List FAQ: |
| http://qsilver.queensu.ca/~fletchra/Circle/list-faq.html |
+------------------------------------------------------------+
This archive was generated by hypermail 2b30 : 04/10/01 PDT