summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>2007-02-27 21:41:59 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>2007-02-27 21:41:59 +0000
commitc4919628796a2cdc601e94c53068dbf8ad9d01b4 (patch)
treea0d730c98d8c72a190cd809c0a3a8ba603e22e9c
parenta8c27f461f2da22691d78dd05aae528c95913945 (diff)
Add md5 to the list of unsecure checksums. Adapted from a diff by
Tamas TEVESZ.
-rw-r--r--bin/md5/cksum.19
1 files changed, 5 insertions, 4 deletions
diff --git a/bin/md5/cksum.1 b/bin/md5/cksum.1
index eaf12a9b2cf..5a12426c099 100644
--- a/bin/md5/cksum.1
+++ b/bin/md5/cksum.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: cksum.1,v 1.11 2006/11/19 17:09:15 jmc Exp $
+.\" $OpenBSD: cksum.1,v 1.12 2007/02/27 21:41:58 millert Exp $
.\"
.\" Copyright (c) 1991, 1993
.\" The Regents of the University of California. All rights reserved.
@@ -259,10 +259,11 @@ utility appeared in
Do not use the
.Ar cksum ,
.Ar md4 ,
+.Ar md5 ,
.Ar sum ,
or
.Ar sysvsum
-algorithms to detect hostile binary modifications.
-An attacker can trivially produce backdoored daemons which have the same
-checksum as the standard versions.
+algorithms to verify file integrity.
+An attacker can trivially produce modified payload that
+has the same checksum as the original version.
Use a cryptographic checksum instead.