Subject: Re: max_{login,group}len in /etc/security
To: Steven M. Bellovin <smb@research.att.com>
From: Eivind Eklund <eivind@FreeBSD.org>
List: tech-security
Date: 04/12/2004 18:03:01
On Sun, Apr 11, 2004 at 11:07:34AM -0400, Steven M. Bellovin wrote:
> At least for user names, the issue is ambiguity in programs that limit
> the length -- note that utmp.h, for example, limits user names to 8
> characters.
>
> That said, I'd really like it if the that would change, but it could
> break backwards binary compatibility in a major way. (A quick grep
> shows about 40 files in /usr/src that include utmp.h -- and I didn't
> even try to look at pkgsrc.)
Just FYI: FreeBSD changed this from 8 to 16 going from FreeBSD 2.2 to
FreeBSD 3.0. My memory pegs the user impact as slightly noticable, but
not really a big deal in practice.
Eivind.