Re: Locking the failed login attemp

From: Casper H.S. Dik (Casper.Dik_at_Sun.COM)
Date: 07/21/04


Date: 21 Jul 2004 12:44:38 GMT


"Michael Vilain <vilain@spamcop.net>" writes:

>This is ill-advised as it's an opportunity for a denial of service
>attack. All someone would need is a list of accounts and they could
>lock them all out. Is there some external security requirement they
>need to fulfill?

Indeed; but it is also an oft-requested feature; it's now available when
using LDAP server based authentication.

>Solaris can't do this out of the box. It would require installing a
>custom PAM. There are some that do this. Google for them.

It is possible with LDAP.

>Will Solaris 10 have this feature? Installing that might be your
>solution.

Support for local files will be added to S10; it will be disabled
by default and we have gone to some lengths to make it a bit
harder to enable for root.

Casper

-- 
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.