Re: F30 Self-Contained Change proposal: libcrypt.so.1 (compatibility library for POSIX): Let encrypt, encrypt_r, setkey, setkey_r, and fcrypt return ENOSYS instead of performing any real operation

Am Dienstag, den 15.01.2019, 15:20 +0100 schrieb Florian Weimer: > * Simo Sorce: > > > > Maybe the stub implementation should just overwrite the argument > > > with > > > zeros. > > > > I wouldn't overwrite with zeros because then it is clear the > > encryption > > failed and if it is used in

Re: F30 Self-Contained Change proposal: libcrypt.so.1 (compatibility library for POSIX): Let encrypt, encrypt_r, setkey, setkey_r, and fcrypt return ENOSYS instead of performing any real operation

* Simo Sorce: >> Maybe the stub implementation should just overwrite the argument with >> zeros. > > I wouldn't overwrite with zeros because then it is clear the encryption > failed and if it is used in non-orthodox ways could give an attacker a > way to exploit the zeroing. > > (for example if

Re: F30 Self-Contained Change proposal: libcrypt.so.1 (compatibility library for POSIX): Let encrypt, encrypt_r, setkey, setkey_r, and fcrypt return ENOSYS instead of performing any real operation

On Tue, 2019-01-15 at 14:51 +0100, Florian Weimer wrote: > * Simo Sorce: > > > On Tue, 2019-01-15 at 10:39 +0100, Florian Weimer wrote: > > > * Ben Cotton: > > > > > > > Remove real functionality from encrypt, encrypt_r, setkey, setkey_r, > > > > and fcrypt from the libxcrypt.so.1 compatibility

Re: F30 Self-Contained Change proposal: libcrypt.so.1 (compatibility library for POSIX): Let encrypt, encrypt_r, setkey, setkey_r, and fcrypt return ENOSYS instead of performing any real operation

* Simo Sorce: > On Tue, 2019-01-15 at 10:39 +0100, Florian Weimer wrote: >> * Ben Cotton: >> >> > Remove real functionality from encrypt, encrypt_r, setkey, setkey_r, >> > and fcrypt from the libxcrypt.so.1 compatibility library and let those >> > functions set "errno" to "ENOSYS" when invoked.

Re: F30 Self-Contained Change proposal: libcrypt.so.1 (compatibility library for POSIX): Let encrypt, encrypt_r, setkey, setkey_r, and fcrypt return ENOSYS instead of performing any real operation

On 15/01/2019 13:42, Simo Sorce wrote: On Tue, 2019-01-15 at 10:39 +0100, Florian Weimer wrote: * Ben Cotton: Remove real functionality from encrypt, encrypt_r, setkey, setkey_r, and fcrypt from the libxcrypt.so.1 compatibility library and let those functions set "errno" to "ENOSYS" when

Re: F30 Self-Contained Change proposal: libcrypt.so.1 (compatibility library for POSIX): Let encrypt, encrypt_r, setkey, setkey_r, and fcrypt return ENOSYS instead of performing any real operation

On Tue, 2019-01-15 at 10:39 +0100, Florian Weimer wrote: > * Ben Cotton: > > > Remove real functionality from encrypt, encrypt_r, setkey, setkey_r, > > and fcrypt from the libxcrypt.so.1 compatibility library and let those > > functions set "errno" to "ENOSYS" when invoked. > > encrypt rewrites

Re: F30 Self-Contained Change proposal: libcrypt.so.1 (compatibility library for POSIX): Let encrypt, encrypt_r, setkey, setkey_r, and fcrypt return ENOSYS instead of performing any real operation

* Ben Cotton: > Remove real functionality from encrypt, encrypt_r, setkey, setkey_r, > and fcrypt from the libxcrypt.so.1 compatibility library and let those > functions set "errno" to "ENOSYS" when invoked. encrypt rewrites its argument in place, so this will leave the argument unencrypted.

F30 Self-Contained Change proposal: libcrypt.so.1 (compatibility library for POSIX): Let encrypt, encrypt_r, setkey, setkey_r, and fcrypt return ENOSYS instead of performing any real operation

Remove real functionality from encrypt, encrypt_r, setkey, setkey_r, and fcrypt from the libxcrypt.so.1 compatibility library and let those functions set "errno" to "ENOSYS" when invoked. == Owner == * Name: [[User:besser82 | Björn Esser]] == Detailed Description == In

F30 Self-Contained Change proposal: libcrypt.so.1 (compatibility library for POSIX): Let encrypt, encrypt_r, setkey, setkey_r, and fcrypt return ENOSYS instead of performing any real operation

Remove real functionality from encrypt, encrypt_r, setkey, setkey_r, and fcrypt from the libxcrypt.so.1 compatibility library and let those functions set "errno" to "ENOSYS" when invoked. == Owner == * Name: [[User:besser82 | Björn Esser]] == Detailed Description == In