function crypt_make_pw_salt may not be safe
Jackey1024 opened this issue · comments
Function crypt_make_pw_salt in libbb/pw_encrypt.c file may not be safe.
It generates salt from nanosecond values of system time and pid. It could be cracked.
BusyBox mirror
Jackey1024 opened this issue · comments
Function crypt_make_pw_salt in libbb/pw_encrypt.c file may not be safe.
It generates salt from nanosecond values of system time and pid. It could be cracked.