It looks like I'm getting way behind in my email again. :-( > I'm not sure if having a separate library for crypt makes your system more > or less vulnerable to attack. It does make it easier to deploy password > shadowing, though. David should be in on this discussion as he's currently > maintaining libc.
FYI, a (probably) not-to-distant future version of ld.so will support a secure method for preloading ELF shared libraries. Currently, ld.so only honors preloading for non-setuid/setgid binaries. What this means is that, in theory, it should be possible to create a completely optional package which installs a library to be preloaded that will selectively override libc and provide shadow passwords. David -- David Engel Optical Data Systems, Inc. [EMAIL PROTECTED] 1101 E. Arapaho Road (214) 234-6400 Richardson, TX 75081
