Linux Fedora Core 2: Password, Login, and Pam

Browder, Tom Tom.Browder at fwb.srs.com
Tue Dec 14 17:51:00 UTC 2004


> -----Original Message-----
> From: pam-list-bounces at redhat.com 
> [mailto:pam-list-bounces at redhat.com] On Behalf Of Tomas Mraz
> Sent: Sunday, December 05, 2004 6:01 AM
> To: Pluggable Authentication Modules
> Subject: RE: Linux Fedora Core 2: Password, Login, and Pam
> > > > 2.  Lockout an account for time X after three failed attempts.
> > > This should be achievable using pam_tally.so but the 
> functionality 
> > > is partly broken and also not much secure (even after 
> lockout it can 
> > > reveal succesfull password break attempt to attacker).
> > 
> > Is anyone aware of an active effort to fix this?  Would 
> selinux be a 
> > place to look?
> I have a patch for this but it has other problems so I didn't 
> add it to the rpm yet.

Tomas, I need this functionality.  I have downloaded the pam source
(Linux-PAM-0.78.tar.gz)and want to help with this fix.  Can I get your
patch and test it?

Thanks.

Tom Browder




More information about the Pam-list mailing list