> -----Original Message----- > From: pam-list-bounces@xxxxxxxxxx > [mailto:pam-list-bounces@xxxxxxxxxx] On Behalf Of Tomas Mraz > Sent: Sunday, December 05, 2004 6:01 AM > To: Pluggable Authentication Modules > Subject: RE: Linux Fedora Core 2: Password, Login, and Pam > > > > 2. Lockout an account for time X after three failed attempts. > > > This should be achievable using pam_tally.so but the > functionality > > > is partly broken and also not much secure (even after > lockout it can > > > reveal succesfull password break attempt to attacker). > > > > Is anyone aware of an active effort to fix this? Would > selinux be a > > place to look? > I have a patch for this but it has other problems so I didn't > add it to the rpm yet. Tomas, I need this functionality. I have downloaded the pam source (Linux-PAM-0.78.tar.gz)and want to help with this fix. Can I get your patch and test it? Thanks. Tom Browder _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
