Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.1 6/24/83; site utcs.UUCP Path: utzoo!utcs!ian From: ian@utcs.UUCP (Ian F. Darwin) Newsgroups: net.unix Subject: Re: password aging Message-ID: <757@utcs.UUCP> Date: Thu, 18-Jul-85 15:47:37 EDT Article-I.D.: utcs.757 Posted: Thu Jul 18 15:47:37 1985 Date-Received: Thu, 18-Jul-85 16:26:15 EDT References: <527@dicomed.UUCP> Reply-To: the dealy lhama Followup-To: net.unix Distribution: net.unix Organization: University of Toronto - General Purpose UNIX Lines: 30 Searching-for: satori Settling-for-in-the-meantime: saki In article <527@dicomed.UUCP> salmi@dicomed.UUCP (John Salmi) writes: >I understand that SysV offers a password aging scheme. Does 4.x BSD support >anything similar? If no, has anyone done a hack to allow password aging? I presume the reason that you're interested is to make your system more secure. Some forms of password again can instead make it less so. Before you copy the System V password aging stuff to 4BSD, I recommend that you read the only significant discussion of the topic that I'm aware of. It's contained in the following paper in the AT&T Bell Labs Tech Journal. %A F. T. Grampp %A R. H. Morris %T UNIX Operating System Security %J BLTJ %V 63 %N 8 %D October, 1984 %P 1649 %X Computing systems that are easy to access and that facilitate communication with other systems are by their nature difficult to secure. Most often, though, the level of security that is actually achieved is far below what it could be. This is due to many factors, the most important of which are the knowledge and attitudes of the administrators and users of such systems. We discuss here some of the security hazards of the UNIX operating system, and we suggest ways to protect against them, in the hope that an educated community of users will lead to a level of protection that is stronger, but far more importantly, that represents a reasonable and thoughtful balance between security and ease of use of the system. We will not construct parallel examples for other systems, but we encourage readers to do so for themselves.''