Re: Circle & SQL??

From: Daniel Koepke (dkoepke@CALIFORNIA.COM)
Date: 05/11/98

On Mon, 11 May 1998, Chris Jacobson wrote:

->On 5/11/98 4:49 PM, Daniel Koepke (dkoepke@CALIFORNIA.COM) stated:
->>Which still doesn't matter, because crypt() returns a 13 character
->>long string.  And MAX_PWD_LENGTH is used for the binary files, thus
->>stripping two characters off of the encrypted password.  This is most
->>certainly a security flaw, but not--in all likelihood--a "risk."
->correction: 3 characters.  Always need a NULL terminator.  :-)

Correction: CircleMUD does MAX_PWD_LENGTH+1, so there already is room
for a NULL terminator. :)


     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     | |

This archive was generated by hypermail 2b30 : 12/15/00 PST