Linux Fedora Core 2: Password, Login, and Pam
Tomas Mraz
tmraz at redhat.com
Sun Dec 5 12:00:43 UTC 2004
> > > 2. Lockout an account for time X after three failed attempts.
> > This should be achievable using pam_tally.so but the
> > functionality is partly broken and also not much secure (even
> > after lockout it can reveal succesfull password break attempt
> > to attacker).
>
> Is anyone aware of an active effort to fix this? Would selinux be a place
> to look?
I have a patch for this but it has other problems so I didn't add it to
the rpm yet.
--
Tomas Mraz <tmraz at redhat.com>
More information about the Pam-list
mailing list