Re: your mail

From: Brian Reichert (reichert_at_numachi.com)
Date: 10/30/03

  • Next message: Mark Johnston: "Using racoon-negotiated IPSec with ipfw and natd" 
    Date: Thu, 30 Oct 2003 13:35:46 -0500
To: Michael Carlson <carlson39@llnl.gov>

    On Thu, Oct 30, 2003 at 08:45:03AM -0800, Michael Carlson wrote:
    >
    > I have asked this before in -questions but due to a odd security
    > requirement, I need the option to auto lock a normal user's account
    > (root and those in the wheel group must be excluded) after let say, 3,
    > login failures. I know this can cause a DoS issue but I HAVE to have
    > the option of doing it in FreeBSD.

    I don't much experience with pam(8), but there is some mention of
    'sessions' in the manpage:

            session - this group of tasks cover things that should be
           done prior to a service being given and after it is with-
           drawn. Such tasks include the maintenance of audit trails
           and the mounting of the user's home directory. The session
           management group is important as it provides both an open-
           ing and closing hook for modules to affect the services
           available to a user.

    Perhaps that's a place to introduce a hook for what you need...

    > Any info is appreciated
    > Thanks.
    > Mike C
    > carlson39@llnl.gov 

    -- 
Brian 'you ***' Reichert		<reichert@numachi.com>
37 Crystal Ave. #303			Daytime number: (603) 434-6842
Derry NH 03038-1713 USA			BSD admin/developer at large	
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
  • Next message: Mark Johnston: "Using racoon-negotiated IPSec with ipfw and natd"
    • Quantcast