Re: Circle & SQL??

From: Chris Jacobson (fear@ATHENET.NET)
Date: 05/11/98

On 5/11/98 4:49 PM, Daniel Koepke (dkoepke@CALIFORNIA.COM) stated:

>Which still doesn't matter, because crypt() returns a 13 character
>long string.  And MAX_PWD_LENGTH is used for the binary files, thus
>stripping two characters off of the encrypted password.  This is most
>certainly a security flaw, but not--in all likelihood--a "risk."

correction: 3 characters.  Always need a NULL terminator.  :-)

- Chris Jacobson

     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     | |

This archive was generated by hypermail 2b30 : 12/15/00 PST