From owner-freebsd-hackers Mon Nov 3 10:14:20 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id KAA20776 for hackers-outgoing; Mon, 3 Nov 1997 10:14:20 -0800 (PST) (envelope-from owner-freebsd-hackers) Received: from ns1.yes.no (ns1.yes.no [195.119.24.10]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id KAA20769 for ; Mon, 3 Nov 1997 10:14:05 -0800 (PST) (envelope-from eivind@bitbox.follo.net) Received: from bitbox.follo.net (bitbox.follo.net [194.198.43.36]) by ns1.yes.no (8.8.7/8.8.7) with ESMTP id SAA00006; Mon, 3 Nov 1997 18:13:51 GMT Received: (from eivind@localhost) by bitbox.follo.net (8.8.6/8.8.6) id TAA23244; Mon, 3 Nov 1997 19:13:49 +0100 (MET) Message-ID: <19971103191349.30502@bitbox.follo.net> Date: Mon, 3 Nov 1997 19:13:49 +0100 From: Eivind Eklund To: Tom Cc: hackers@FreeBSD.ORG Subject: Re: Password verification (Was: cvs commit: ports/x11/kdebase - Imported sources) References: <199711031005.LAA21994@bitbox.follo.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.69e In-Reply-To: ; from Tom on Mon, Nov 03, 1997 at 10:07:24AM -0800 Sender: owner-freebsd-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Mon, Nov 03, 1997 at 10:07:24AM -0800, Tom wrote: > On Mon, 3 Nov 1997, Eivind Eklund wrote: > > > You can always use the pwcheck daemon from the Cyrus module (see ports). > > > It opens a unix socket at /var/pwcheck/pwcheck. Permissions on the > > > /var/pwcheck directory can be used to determine who can check passwords. > > > > Is it restricted to only let a user check his own password? Or could > > we make it only check a users own password fairly easily? > > How would that be useful? Security. If a user can check other people's passwords, he can brute-force passwords. If he can't, he can't. :-) Eivind.