jeans/motioneyeos
jeans/motioneyeos
1
0
Fork 0
mirror of https://github.com/motioneye-project/motioneyeos.git synced 2025-07-27 21:26:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

system: remove DES password encoding

Browse Source 
DES is long dead, it is insecure as hell, and virtually all known
crypt(3) implementations now all support at least md5.

Besides, the character-space of DES-encoded passwords are a sub-set
of the character-space for a clear-text password, so we can't easily
differentiate between the two. Since we're going to change the root
password prompt to support setting encoded passwords (as well as
clear-text passwords), we can't keep DES or we'd be unable to decide
whether we'd need to encode the password or not.

Remove DES encoding altogether (and add a legacy entry). The default is
still md5, and thus there's no backward-compatibility 'select' to add.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Lorenzo Catucci <lorenzo@sancho.ccd.uniroma2.it>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit is contained in:
Yann E. MORIN 2015-03-24 19:54:15 +01:00 committed by Thomas Petazzoni
parent 9c77100151
commit 029179615e
2 changed files with 7 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Config.in.legacy
View File

@ -101,6 +101,13 @@ endif
############################################################################### ###############################################################################
comment "Legacy options removed in 2015.05" comment "Legacy options removed in 2015.05"
config BR2_TARGET_GENERIC_PASSWD_DES
bool "Encoding passwords with DES has been removed"
select BR2_LEGACY
help
Paswords can now only be encoded with either of md5, sha256 or sha512.
The default is md5, which is stronger that DES (but still pretty weak).
config BR2_PACKAGE_GTK2_THEME_HICOLOR config BR2_PACKAGE_GTK2_THEME_HICOLOR
bool "hicolor (default theme) is a duplicate" bool "hicolor (default theme) is a duplicate"
select BR2_LEGACY select BR2_LEGACY

9
system/Config.in
View File

@ -27,14 +27,6 @@ choice
Note: this is used at build-time, and *not* at runtime. Note: this is used at build-time, and *not* at runtime.
config BR2_TARGET_GENERIC_PASSWD_DES
bool "des"
help
Use standard 56-bit DES-based crypt(3) to encode passwords.
Old, wildly available, but also the weakest, very susceptible to
brute-force attacks.
config BR2_TARGET_GENERIC_PASSWD_MD5 config BR2_TARGET_GENERIC_PASSWD_MD5
bool "md5" bool "md5"
help help
@ -67,7 +59,6 @@ endchoice # Passwd encoding
config BR2_TARGET_GENERIC_PASSWD_METHOD config BR2_TARGET_GENERIC_PASSWD_METHOD
string string
default "des" if BR2_TARGET_GENERIC_PASSWD_DES
default "md5" if BR2_TARGET_GENERIC_PASSWD_MD5 default "md5" if BR2_TARGET_GENERIC_PASSWD_MD5
default "sha-256" if BR2_TARGET_GENERIC_PASSWD_SHA256 default "sha-256" if BR2_TARGET_GENERIC_PASSWD_SHA256
default "sha-512" if BR2_TARGET_GENERIC_PASSWD_SHA512 default "sha-512" if BR2_TARGET_GENERIC_PASSWD_SHA512