Linux Fedora Core 2: Password, Login, and Pam

[Tomas Mraz]

> > > 2.  Lockout an account for time X after three failed attempts.
> > This should be achievable using pam_tally.so but the 
> > functionality is partly broken and also not much secure (even 
> > after lockout it can reveal succesfull password break attempt 
> > to attacker).
> 
> Is anyone aware of an active effort to fix this?  Would selinux be a place
> to look?
I have a patch for this but it has other problems so I didn't add it to
the rpm yet.

-- 
Tomas Mraz <tmraz at redhat.com>