You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi,
to be clear this is rather non-critical, but I wondered about it when checking the Debian libbackuppc-xs-perl package and wanted to ask out of being curious.
I've seen that you use md5 copied from rsync, I wonder if you'd consider stop using embedded code of other projects and instead use the one of a common sytem library like libbsd for example.
I mean md5 isn't consider secure anymore anyway nor is it used for security in the context of this package.
But I just wondered about the copied code and that it would be nicer to not have that.
Maybe that was thought/tried/discussed before an there are reasons not to do so - if that is the case fine, but it would be nice to learn what those reasons were.
The text was updated successfully, but these errors were encountered:
cpaelzer
changed the title
Use system md5
Use md5 of a common system lib?
Jan 7, 2021
Hi,
to be clear this is rather non-critical, but I wondered about it when checking the Debian libbackuppc-xs-perl package and wanted to ask out of being curious.
I've seen that you use md5 copied from rsync, I wonder if you'd consider stop using embedded code of other projects and instead use the one of a common sytem library like libbsd for example.
http://manpages.ubuntu.com/manpages/focal/man7/libbsd.7.html
http://manpages.ubuntu.com/manpages/focal/man3/md5.3bsd.html
I mean md5 isn't consider secure anymore anyway nor is it used for security in the context of this package.
But I just wondered about the copied code and that it would be nicer to not have that.
Maybe that was thought/tried/discussed before an there are reasons not to do so - if that is the case fine, but it would be nice to learn what those reasons were.
The text was updated successfully, but these errors were encountered: