9fans archive / 1996 / 10 / 30 /    prev next

From: forsyth@pla... forsyth@pla...
Subject: encrypt/decrypt not thread safe
Date: Wed, 16 Oct 1996 07:07:46 BST

you've supplied your own crypt routine because the real one
isn't included in the distribution for the usual silly reason
(it's illegal in the US to export dangerous cryptographic routines
that anyone in the world can type in from a book they can buy freely).

the version of the routine you've picked (looks like the old unix one,
also non-exportable, but people slip up) isn't safe.  i'm fairly sure
the binary version shipped as crypt.*.save is fine.  
boyd might be able to offer a safe replacement that's not subject to pointless controls.