Date: Sat, 19 Jan 2002 10:47:08 +0000 From: Mark Murray <mark@grondar.za> To: "Andrey A. Chernov" <ache@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libpam/modules/pam_opie pam_opie.c Message-ID: <200201191047.g0JAl8t20334@grimreaper.grondar.org> In-Reply-To: <200201191009.g0JA95b91076@freefall.freebsd.org> ; from "Andrey A. Chernov" <ache@FreeBSD.org> "Sat, 19 Jan 2002 02:09:05 PST." References: <200201191009.g0JA95b91076@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> ache 2002/01/19 02:09:05 PST > > Modified files: > lib/libpam/modules/pam_opie pam_opie.c > Log: > If user not exist in OPIE system, return failure immediately instead > of producing fake prompts with random numbers which can be detected by > potential intruder in two tries and totally confuse non-OPIE users. I object to this. The better way is to produce fake but (semi-) constant challenge. How much discussing with the PAM people have you done here? M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201191047.g0JAl8t20334>