From owner-freebsd-security@FreeBSD.ORG  Sun Sep 14 11:04:17 2008
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A84751065673
	for <freebsd-security@freebsd.org>;
	Sun, 14 Sep 2008 11:04:17 +0000 (UTC)
	(envelope-from mouss@netoyen.net)
Received: from imlil.netoyen.net (imlil.netoyen.net [91.121.103.130])
	by mx1.freebsd.org (Postfix) with ESMTP id 765EF8FC16
	for <freebsd-security@freebsd.org>;
	Sun, 14 Sep 2008 11:04:17 +0000 (UTC)
	(envelope-from mouss@netoyen.net)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=netoyen.net; h=
	content-transfer-encoding:content-type:in-reply-to:references
	:subject:mime-version:user-agent:from:date:message-id:received:
	x-virus-scanned; s=msa; t=1221390320; bh=49ivAs/cQ7xMOQ6M324TwWP
	vD5kysqSOXm7xPS0N4eg=; b=Tr3ofAkSqthJRvKVNxWtAA3tPWD0lgpk069a8Qp
	lifvS9OBkOya0MWDz+AQsGMpfpOGpP0DVRzblGtM5AS2h2GLCmFxgWws6a7CBEGA
	55VNi3n/4TAzHwb7QayUn91Qm5KdwC6lVV4pmSYCh7z7XSLUcss1yGuDDSNFvSxi
	g8uA=
X-Virus-Scanned: amavisd-new at netoyen.net
Received: from [192.168.1.65] (ouzoud.netoyen.net [82.239.111.75])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	(Authenticated sender: mouss@netoyen.net)
	by smtp.netoyen.net (Postfix) with ESMTPSA id C4BD5E54802
	for <freebsd-security@freebsd.org>;
	Sun, 14 Sep 2008 13:05:19 +0200 (CEST)
Message-ID: <48CCEFB8.7090402@netoyen.net>
Date: Sun, 14 Sep 2008 13:04:24 +0200
From: mouss <mouss@netoyen.net>
User-Agent: Thunderbird 2.0.0.12 (Windows/20080213)
MIME-Version: 1.0
CC: freebsd-security@freebsd.org
References: <48CB52AE.6070501@arca.am>	<20080913063522.GA3784@lithium.delete.org>	<48CC26A7.6020407@netoyen.net>
	<alpine.BSF.1.10.0809141111230.72448@fledge.watson.org>
In-Reply-To: <alpine.BSF.1.10.0809141111230.72448@fledge.watson.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: Freebsd auto locking users
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 14 Sep 2008 11:04:17 -0000

Robert Watson wrote:
> [snip]
>> http://lopsa.org/node/29

Missing trailing '5'. Thanks Micheas.

> 
> While these complaints about password expiration are certainly true, it 
> seems like a common policy required by many sites, and failing to be 
> able to support that policy will limit our ability to run at those 
> sites.  It would be nice if we could complete the implementation of some 
> of those password-related policies.

Agreed. Give them the tools and the documentation, and let them decide.