Re: sudo and cracklib
On Tue, 16 Feb 1999, Ben Collins wrote:
> On Tue, Feb 16, 1999 at 02:46:47PM -0500, Jean Pierre LeJacq wrote:
> >
> > My thinking here was that word lists could be generated from any
> > number of sources including files such as /etc/passwd. These could
> > potentially change daily.
>
> "Could be" means they don't by default, as in the default installation.
> Nor do you give this option, nor do I think it is a good idea to give
> them this option.
Your not correct here. In /etc/cracklib/cracklib.conf you can
specify files of word lists. I've defined a default set that
includes files in /usr/dict and /usr/share/dict but this is
easily changes by editing the cracklib.conf.
I think its essentially to allow system admins to define
additional word lists. For example, many folks pick passwords
that are names of relatives. An admin can easily protect his
system from this by defining a file containing these names.
> Also, on a hugely busy system the, /var/log/wtmp could grow out of
> proportion on a daily basis, but we only rotate it once a week, since
> that is the normal usage. Stick with common usage, which means, there
> does not need to be a cron job to update a static default dictionary.
Again, this is not a static default dictionary. See above.
--
Jean Pierre
Reply to: