passwd access method?
Neil Rickert
rickert at mp.cs.niu.edu
Tue Aug 28 10:42:36 AEST 1990
In article <14920004 at hpdmd48.boi.hp.com> markw at hpdmd48.boi.hp.com (Mark Wolfe) writes:
>
> As a part of beefing up security on the machines I administer, I'm working
>on implementing password aging. In order to simplify the process, I wrote a
>
> My question is this:
> Is there a proper way to access the passwd file to insure file inegrity and
>security? I use the lockf call to reduce the chance of simultaneous access doing
Before you worry about locking the passwd file, why don't you work on the more
important problems:
1. Making sure the user doesn't just choose the same password again.
2. Ensuring that the user doesn't change to a different password, then
immediately change back to the original.
3. Making sure that the user doesn't write down his/her new password,
just in case it is forgotten.
4. Making sure that the user doesn't select an easy to guess password,
because with all the forced password changes he/she has run out of
good ideas for hard to guess passwords.
5. Making sure that the user doesn't login from a PC terminal emulator,
with an automatic login script, and with his password there on the
PC where anyone with access to the PC can get it.
I guess it is hopeless. People will continue to come up with technical
solutions to the problem which fail to take into account the real source of
security weaknesses - human psychology.
--
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Neil W. Rickert, Computer Science <rickert at cs.niu.edu>
Northern Illinois Univ.
DeKalb, IL 60115. +1-815-753-6940
More information about the Comp.unix.questions
mailing list