QNX RTOS v4 Knowledge Base

Title: QNX Crypt fix posted for Beta
Ref. No.: QNX.000009619
Category(ies): Utilities, Configuration
Issue: Is there a fix for the cracked QNX crypt() function?
Solution: Yes, there is a fix for this using the standard Unix DES crypt() methods. The result is this Security Update, which has been tested and is ready for beta customers.
Here is a description of what the crypt() fix archive contains.
_________________________________________________________________

                            QNX Operating System

Security Update

  Release Notes
    _________________________________________________________________

  Note: To obtain technical support for any QNX product, visit the
  Technical Support section in the Support area on our website
  (www.qnx.com). You'll find a wide range of support options,
  including our free web-based QNX Developer's Network.
    _________________________________________________________________

  This file contains the following sections:

    Components included in this update
    Installation issues
    History of the problem
    Source code


                      Components included in this update


  For this product:      These utilities/libs were updated:
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  QNX OS v4.25            login
                          passwd
                          su

  Photon v1.14            phlogin

  TCP/IP Runtime v4.25    ftpd
                          pcnfsd
                          popper
                          pppd
                          rexecd
                          tn3270
                          map3270

  Watcom v10.6            unix3r.lib
                          unix3s.lib
                          unixc.lib
                          unixg3r.lib
                          unixh.lib
                          unixl.lib
                          unixm.lib
                          unixs.lib

  QNX Windows v4.24       olwm


                              Installation issues
    _________________________________________________________________

  Note: Only root users can affect security on your system - normal
  users don't have read access to the /etc/shadow file.

  You must be root to install the Security Update.
    _________________________________________________________________

  You must install the QNX Security Update archive before any other
  archives. This archive decrypts the current /etc/shadow file and then
  encrypts the shadow file again using the standard Unix crypt().

  During installation, the install program will first back up all files
  that need to be updated. The backup files will be named
  filename.qcrypt.

  All files that need to be updated must be present during the install
  process. This avoids possible version-conflict errors. If some files
  are missing during installation, the installer will make you aware of
  the problem. If you run into this problem, the best solution would be
  to install the affected product again from the original CD, diskset,
  or archives.
    _________________________________________________________________

  Note: The fixes in this Security Update have been tested only with the
  latest released software and contain only crypt-related changes.
    _________________________________________________________________

                            History of the problem

  In 1990, QNX qcrypt() was written using our own methods of encryption.
  Although DES was available at that time, with the export restrictions
  in place we would have been unable to ship our products
  internationally. This simply was not an option at the time.

  Recently, we heard that the QNX 4 crypt() function had been cracked.
  Immediately we had a fix for this using the standard Unix DES crypt()
  methods. The result is this Security Update, which has been tested and
  is ready for beta customers.

                                  Source code

  The Security Update archive includes a utility (fix-shadow) that
  decrypts the current /etc/shadow file and then encrypts the shadow
  file again using the standard Unix crypt().

  Under /updates/qnx42/Beta/Security, we've posted the source code for
  the files that were used to create the fix-shadow utility:

  main.c
          Main function

  quncrypt.c
          Decrypt function

  crypt.c
          Standard Unix crypt() function

  We used this cc command line to build the fix-shadow executable:

  cc -l main.c quncrypt.c crypt.c -o fix-shadow
    _________________________________________________________________

  Caution: The source code used to fix the security problem was
  published *for your information*. You don't need to actually build and
  run the fix-shadow utility, because installing this Security Update
  automatically produces a secure /etc/shadow file for you.
    _________________________________________________________________
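
  The re-encryption step described above can be checked after installation by
  looking at the shape of each password field. The following is an added
  example, not part of the Security Update or its fix-shadow source; it assumes
  a colon-separated name:password:... line layout and treats a leading * or !
  as a "no login" marker, and its sample lines are constructed.

```c
#include <stdio.h>
#include <string.h>

/* The 64-character alphabet used by traditional Unix crypt() output. */
static const char ALPHABET[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
enum field_kind { F_MALFORMED, F_EMPTY, F_LOCKED, F_DES_CRYPT, F_OTHER };

/* 2 salt + 11 hash characters, all from ALPHABET. The hash part encodes 64
 * bits padded to 66, so the last character's index has its low 2 bits clear. */
static int is_des_crypt(const char *s, size_t len)
{
    const char *p = NULL;
    size_t i;
    if (len != 13)
        return 0;
    for (i = 0; i < len; i++) {
        p = strchr(ALPHABET, s[i]);
        if (s[i] == '\0' || p == NULL)
            return 0;
    }
    return ((p - ALPHABET) & 3) == 0;   /* p is the entry for s[12] here */
}

/* Classify the second field of one line (assumed layout name:password:...). */
enum field_kind classify_line(const char *line)
{
    const char *field = strchr(line, ':');
    size_t len;
    if (field == NULL || field == line)
        return F_MALFORMED;
    field++;
    len = strcspn(field, ":\r\n");
    if (len == 0)
        return F_EMPTY;
    if (field[0] == '*' || field[0] == '!')   /* assumed "no login" markers */
        return F_LOCKED;
    return is_des_crypt(field, len) ? F_DES_CRYPT : F_OTHER;
}

int main(void)
{
    /* Constructed sample lines, not real accounts or real hashes. */
    static const char *const sample[] = {
        "root:abCDEFGHIJKLM:10000:0:0", "alice:Zx9mQ0pLr7Ty2vB1:10000:0:0",
        "guest::10000:0:0", "daemon:*:10000:0:0" };
    static const char *const name[] =
        { "malformed", "empty", "locked", "des-crypt", "OTHER (review)" };
    size_t i;
    for (i = 0; i < sizeof sample / sizeof sample[0]; i++)
        printf("%-14s <- %s\n", name[classify_line(sample[i])], sample[i]);
    return 0;
}
```

  An entry reported as OTHER does not have the 13-character form that
  traditional crypt() produces; an empty field means no password is set.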