Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!wuarchive!uwm.edu!cs.utexas.edu!milano!bigtex!mybest!occrsh!uokmax!jeffm
From: jeffm@uokmax.ecn.uoknor.edu (Jeff Medcalf)
Newsgroups: comp.unix.wizards
Subject: Re: What should go into a security-checking shell script?
Message-ID: <1989Oct24.101908.11851@uokmax.ecn.uoknor.edu>
Date: 24 Oct 89 10:19:08 GMT
References: <363@nisca.ircc.ohio-state.edu>
Reply-To: jeffm@uokmax.UUCP (Jeff Medcalf)
Distribution: usa
Organization: No, it isn't really.  (University of Oklahoma, ECN)
Lines: 20


Password checking

    -  No system password should be allowed to be nonexistent or the same as
	the name of the account.

    -  Users whose accounts have such passwords should be warned that their
	password is unsafe

    -  Should check for null password entries and blank lines in /etc/passwd

This is not intended to be anything more than a minutes work at 5am, so it is
not by any means all inclusive.


-- 
Jeff Medcalf	jeffm@uokmax.uucp    jeffm@uokmax.ecn.uoknor.edu
!chinet!uokmax!jeffm	jeffm@invent_an_address (as reliable as the preceeding)
In 1869, the waffle iron was invented, thus solving the annoying tendency of
waffles to wrinkle in the dryer.