On Thu, 27 Dec 2001 16:12:06 -0800 Dennis Gearon <[EMAIL PROTECTED]> mentioned:
> If the crack lib functions are for cracking passwords or other non > commerce/offensive/hacker efforts, I strongly object to their inclusion in the > functions of PHP. The PHP/Apache community does not need to give the > gates/microsoft/.net community any ammunition for bad publicity. Crackers won't be using php to crack passwords. What cracklib can do in php is allow web applications to be developed for ensuring the security of your password files. When you have a system with over 500 passwords on it, I guarantee that many of them will be easily crackable. Good system administrators run their password files through crackers from time to time for the purpose of ensuring that if the root account is compromised, that it would extremely difficult for the cracker to get passwords that belong to users (passwords that the users will very likely use on other machines- and very likely use again on the compromised system). There is nothing wrong with php being used for this purpose. There is nothing wrong with a php wrapper to cracklib. That's what php is, btw. primarily- A wrapper language. They don't develop cracklib- php just can be used as a wrapper to it. I don't like politics and coding mixing. And I don't think something should be left out due to politics. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
