Date: Wed, 19 Mar 2003 00:26:53 +0100 From: des@ofug.org (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=) To: Julian Elischer <julian@elischer.org> Cc: hackers@freebsd.org Subject: Re: rumour of password aging failure in 4.7/4.8RC Message-ID: <xzpof481cjm.fsf@flood.ping.uio.no> In-Reply-To: <Pine.BSF.4.21.0303181439160.35378-100000@InterJet.elischer.org> (Julian Elischer's message of "Tue, 18 Mar 2003 14:45:25 -0800 (PST)") References: <Pine.BSF.4.21.0303181439160.35378-100000@InterJet.elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Julian Elischer <julian@elischer.org> writes: > The other thing they are on about is "3 tries and you are out" password > lockouts. /usr/src/contrib/libpam/modules/pam_tally.c is what they want. > We're trying to 'resurect' it and see if it still works with 4.8. > is there a similar file for the new PAM code? No, but I'll probably write one soon as it will allow us to claim that FreeBSD fulfills the CAPP requirements for authentication strength. > Are old and new PAM modules in any way compatible? If we wrote one that > ran on 4.x would we be able to continue to run int (even with a > recompile) when we switch to 5.3? Depends on how carefully you write it. The reverse (that a module written for 5.x will work on 4.x with minimal modifications) is more likely to be true. DES --=20 Dag-Erling Sm=F8rgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpof481cjm.fsf>