RE: passwd

[Al Longyear <longyear sii com>]

Ok. That's sounds good. I'll change it to use popen.

Do you have a dictionary which can be used? I could not find a decent   
one. I wrote a small script to actually use the 'ispell' dictionary for   
the lack of a better dictionary as a list of words (normally in   
/usr/dict/words.)

As I indicated, I don't want to be a fasist either. If you feel that   
npasswd is also good, then please, by all means, write a module. We all   
can live together in this, I am sure.

 ----------
From:  Michael K. Johnson[SMTP:johnsonm@redhat.com]
Sent:  Friday, June 21, 1996 4:34 PM
To:  pam-list
Subject:  Re: passwd

One thing that npasswd did right that passwd+ doesn't seem to is that
when passing the password to a helper application, it popens it and
passes it on stdin instead of as a command-line argument.  Passing
passwords as command-line arguments (such as with the ispell.test
shell script) is a very, very bad idea.  We really want to have
dictionary checking, but doing it the way the passwd+ module currently
does it is more insecure than not doing it at all.