On Wed, Dec 21, 2005 at 04:35:00PM -0000, Donald Fraser wrote: > Roles are a great improvement to postgresql, but we also talking security > issues here: > Our module controls things like: > 1) how long before a user must change their password (daily, weekly, monthly > etc) > 2) password rotation - for example a user cannot use the same password > within the last three changes > 3) Password semantics: length of password, dictionary word checks and so > on... > 4) Restricting a users rights until they have changed their password (they > cannot use the system until they change the password set by the > administrator) Can you release any of that code under a BSD license? Some of those should arguably be built-in. If nothing else, it would be good reference code for others. Though, you can set a 'valid until' limit on roles right now, but I suppose that's not exactly the same as what you have. -- Jim C. Nasby, Sr. Engineering Consultant jnasby@xxxxxxxxxxxxx Pervasive Software http://pervasive.com work: 512-231-6117 vcard: http://jim.nasby.net/pervasive.vcf cell: 512-569-9461
