netbsd-bugs: Re: security/10206 - proposed solution (concept)

Subject: Re: security/10206 - proposed solution (concept)
To: None <elad@netbsd.org, gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: Alan Barrett <apb@cequrux.com>
List: netbsd-bugs
Date: 08/16/2005 22:27:02

The following reply was made to PR bin/10206; it has been noted by GNATS.

From: Alan Barrett <apb@cequrux.com>
To: tech-security@NetBSD.org
Cc: gnats-bugs@NetBSD.org
Subject: Re: security/10206 - proposed solution (concept)
Date: Wed, 17 Aug 2005 00:26:07 +0200

 On Wed, 17 Aug 2005, Elad Efrat wrote:
 > An example entry in /etc/passwd.conf for at least 8 character passwords
 > combining both upper/lower case and digits can be:
 > 
 > policy:
 >   minlen = 8
 >   upper = yes
 >   lower = yes
 >   digits = yes

 If I understand correctly, "upper = yes" really means "uppercase
 characters are required", and "upper = no" really means "uppercase
 characters are optional (not required)".  Or do I misunderstand, and
 "upper = no" really means "uppercase characters are prohibited"?

 I'd prefer to see keywords like "required", "optional" and "prohibited",
 rather than "yes" and "no".

 --apb (Alan Barrett)