HP-UX 11i June 2002 Release Notes

Security

Configurable Security Features

Chapter 13

231

Configurable Security Features

new at 11i

original release

Administrators now have a new convenient way to customize security features. A new

/etc/default/security file is defined. Editing this file provides a way to configure new

security features or to modify the behavior of existing security features.

A PASSWORD_HISTORY_DEPTH=<n> parameter can be added to /etc/default/security

to enable a new password history feature, which forces users to choose passwords that do

not match their most recent <n> passwords.

A MIN_PASSWORD_LENGTH=<n> parameter can be added to /etc/default/security to

force users to choose passwords which have at least <n> characters.

A SU_ROOT_GROUP=<groupname> parameter can be added to /etc/default/security to

allow users to su to root only if they are a member of the <groupname> group.

See security (4) for additional parameters and details.