On Wed, Dec 21, 2005 at 04:35:00PM -0000, Donald Fraser wrote:
> Roles are a great improvement to postgresql, but we also talking security
> issues here:
> Our module controls things like:
> 1) how long before a user must change their password (daily, weekly, monthly
> etc)
> 2) password rotation - for example a user cannot use the same password
> within the last three changes
> 3) Password semantics: length of password, dictionary word checks and so
> on...
> 4) Restricting a users rights until they have changed their password (they
> cannot use the system until they change the password set by the
> administrator)
Can you release any of that code under a BSD license? Some of those
should arguably be built-in. If nothing else, it would be good reference
code for others. Though, you can set a 'valid until' limit on roles
right now, but I suppose that's not exactly the same as what you have.
--
Jim C. Nasby, Sr. Engineering Consultant jnasby@pervasive.com
Pervasive Software http://pervasive.com work: 512-231-6117
vcard: http://jim.nasby.net/pervasive.vcf cell: 512-569-9461