| www.delorie.com/gnu/docs/glibc/libc_659.html | search |
 Buy the book! | |
| www.delorie.com/gnu/docs/glibc/libc_659.html | search |
|
Buy the book! | |
| [ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
On many systems, it is unnecessary to have any kind of user authentication; for instance, a workstation which is not connected to a network probably does not need any user authentication, because to use the machine an intruder must have physical access.
Sometimes, however, it is necessary to be sure that a user is authorized to use some service a machine provides--for instance, to log in as a particular user id (see section 29. Users and Groups). One traditional way of doing this is for each user to choose a secret password; then, the system can ask someone claiming to be a user what the user's password is, and if the person gives the correct password then the system can grant the appropriate privileges.
If all the passwords are just stored in a file somewhere, then this file has to be very carefully protected. To avoid this, passwords are run through a one-way function, a function which makes it difficult to work out what its input was by looking at its output, before storing in the file.
The GNU C library already provides a one-way function based on MD5 and for compatibility with Unix systems the standard one-way function based on the Data Encryption Standard.
It also provides support for Secure RPC, and some library functions that can be used to perform normal DES encryption.
32.1 Legal Problems This software can get you locked up, or worse. 32.2 Reading Passwords Prompting the user for a password. 32.3 Encrypting Passwords A one-way function for UNIX passwords. 32.4 DES Encryption Routines for DES encryption.
| [ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
| webmaster donations bookstore | delorie software privacy |
| Copyright © 2003 by The Free Software Foundation | Updated Jun 2003 |