From mboxrd@z Thu Jan  1 00:00:00 1970
Date: Wed, 16 Oct 1996 07:07:46 +0100
From: forsyth@plan9.cs.york.ac.uk forsyth@plan9.cs.york.ac.uk
Subject: encrypt/decrypt not thread safe
Topicbox-Message-UUID: 4ef23b08-eac8-11e9-9e20-41e7f4b1d025
Message-ID: <19961016060746.ujTJfd3OT_1GXX2v2gIAqrV-kJQdyiayye4SVFfhq34@z>

you've supplied your own crypt routine because the real one
isn't included in the distribution for the usual silly reason
(it's illegal in the US to export dangerous cryptographic routines
that anyone in the world can type in from a book they can buy freely).

the version of the routine you've picked (looks like the old unix one,
also non-exportable, but people slip up) isn't safe.  i'm fairly sure
the binary version shipped as crypt.*.save is fine.  
boyd might be able to offer a safe replacement that's not subject to pointless controls.