Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 6/24/83; site utcs.UUCP
Path: utzoo!utcs!ian
From: ian@utcs.UUCP (Ian F. Darwin)
Newsgroups: net.unix
Subject: Re: password aging
Message-ID: <757@utcs.UUCP>
Date: Thu, 18-Jul-85 15:47:37 EDT
Article-I.D.: utcs.757
Posted: Thu Jul 18 15:47:37 1985
Date-Received: Thu, 18-Jul-85 16:26:15 EDT
References: <527@dicomed.UUCP>
Reply-To: the dealy lhama
Followup-To: net.unix
Distribution: net.unix
Organization: University of Toronto - General Purpose UNIX
Lines: 30
Searching-for: satori
Settling-for-in-the-meantime: saki

In article <527@dicomed.UUCP> salmi@dicomed.UUCP (John Salmi) writes:
>I understand that SysV offers a password aging scheme.  Does 4.x BSD support
>anything similar?  If no, has anyone done a hack to allow password aging?

I presume the reason that you're interested is to make your system
more secure. Some forms of password again can instead make it less so.
Before you copy the System V password aging stuff to 4BSD, I
recommend that you read the only significant discussion of
the topic that I'm aware of. It's contained in the following
paper in the AT&T Bell Labs Tech Journal.

%A F. T. Grampp
%A R. H. Morris
%T UNIX Operating System Security
%J BLTJ
%V 63
%N 8
%D October, 1984
%P 1649
%X Computing systems that are easy to access and that facilitate communication
with other systems are by their nature difficult to secure. Most often,
though, the level of security that is actually achieved is far below what it could
be. This is due to many factors, the most important of which are the
knowledge and attitudes of the administrators and users of such systems. We discuss
here some of the security hazards of the UNIX operating system, and we
suggest ways to protect against them, in the hope that an educated community
of users will lead to a level of protection that is stronger, but far more
importantly, that represents a reasonable and thoughtful balance between
security and ease of use of the system. We will not construct parallel examples
for other systems, but we encourage readers to do so for themselves.''