diff options
author | Todd C. Miller <millert@cvs.openbsd.org> | 2007-02-27 21:41:59 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2007-02-27 21:41:59 +0000 |
commit | c4919628796a2cdc601e94c53068dbf8ad9d01b4 (patch) | |
tree | a0d730c98d8c72a190cd809c0a3a8ba603e22e9c | |
parent | a8c27f461f2da22691d78dd05aae528c95913945 (diff) |
Add md5 to the list of unsecure checksums. Adapted from a diff by
Tamas TEVESZ.
-rw-r--r-- | bin/md5/cksum.1 | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/bin/md5/cksum.1 b/bin/md5/cksum.1 index eaf12a9b2cf..5a12426c099 100644 --- a/bin/md5/cksum.1 +++ b/bin/md5/cksum.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: cksum.1,v 1.11 2006/11/19 17:09:15 jmc Exp $ +.\" $OpenBSD: cksum.1,v 1.12 2007/02/27 21:41:58 millert Exp $ .\" .\" Copyright (c) 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -259,10 +259,11 @@ utility appeared in Do not use the .Ar cksum , .Ar md4 , +.Ar md5 , .Ar sum , or .Ar sysvsum -algorithms to detect hostile binary modifications. -An attacker can trivially produce backdoored daemons which have the same -checksum as the standard versions. +algorithms to verify file integrity. +An attacker can trivially produce modified payload that +has the same checksum as the original version. Use a cryptographic checksum instead. |