Subject: Re: Chapter 8 security
To: Thor Lancelot Simon <tls@rek.tjls.com>
From: Curt Sampson <cjs@cynic.net>
List: current-users
Date: 04/18/2004 13:55:27
On Fri, 16 Apr 2004, Thor Lancelot Simon wrote:

> If I were the auditor-from-hell, I'd probably insist that this requirement
> be enforced *by crypt(3)*....

If you're go all the way with this, even that might not be good enough.
What is there to stop someone from making the password hash of a poor
pasword on another machine and using vipw to set it?

There seems to me to be another approach to attack this problem, though.
You could get login, ssh, etc. checking the password the user types
in at authentication time to see if it's a poor password (too short;
not enough entropy, in a dictionary, etc.). If so, it could refuse the
login without even bothering to check if the typed-in password matches
the hash in the passwd file. This would effectively prevent anyone from
authenticating with a poor password.

cjs
-- 
Curt Sampson  <cjs@cynic.net>   +81 90 7737 2974   http://www.NetBSD.org
    Don't you know, in this new Dark Age, we're all light.  --XTC