Subject: Re: default passwd.conf file
To: Steven M. Bellovin <smb@research.att.com>
From: Lubomir Sedlacik <salo@Xtrmntr.org>
List: tech-security
Date: 04/14/2002 16:30:58
--uZ3hkaAS1mZxFaxD
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

hi,

On Sun, Apr 14, 2002 at 10:11:41AM -0400, Steven M. Bellovin wrote:
> In message <20020414010934.A3325@noc.untraceable.net>, Andrew Brown
> writes:
> >
> > Incidentally, why isn't this in login.conf instead?=20
> >
> > Is there some reason to have NetBSD's login.conf be different from
> > other login.conf implementations for just how passwords are stored?
>=20
> I've been asking that for a *long* time.  I haven't yet seen a
> satisfactory answer, either.
>
> [...]=20
>
> Also (and as noted by others) there are other things in NetBSD's
> login.conf that only affect passwd, such as passwordtime and
> minpasswordlen.

but that's something different, because you define login *classes* in
login.conf and thus you can specify different passwordtime and
minpasswordlen for different users.

i don't think there is a reason to put this into login.conf because it
has nothing to do with login classes, it defines *system* behaviour wrt
password encryption algorithm.

regards,

--=20
-- Lubomir Sedlacik <salo@Xtrmntr.org>   ASCII Ribbon campaign against  /"\=
 --
--                  <salo@silcnet.org>   e-mail in gratuitous HTML and  \ /=
 --
--                                       Microsoft proprietary formats   X =
 --
-- PGPkey: http://Xtrmntr.org/salo.pgp                                  / \=
 --
-- Key Fingerprint: DBEC 8BEC 9A90 ECEC 0FEF  716E 59CE B70B 7E3B 70E2     =
 --

--uZ3hkaAS1mZxFaxD
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (NetBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE8uZKiWc63C347cOIRAtgAAKCqlkoEtNJPuKNGnKfzNZ7zmfsYngCfbkPZ
B1/r03sKuREeEDrDzivqHNw=
=UZ6E
-----END PGP SIGNATURE-----

--uZ3hkaAS1mZxFaxD--