On 22 October 2009 c. 22:58:53 Stuart VanZee wrote:
> The last is 8.5.13 locking users out after 6 failed login
> attempts. Quite frankly I find this to be a pretty stupid
> requirement as it causes a built in denial of service. I see
> how creating a custom Authentication style would allow me to
> do this (in spite of my reservations), but I don't really do
> much in the way of c coding these days. I have been looking
> at the code in login.c and login_passwd.c and I understand
> about half of it (I think). If anyone could give me a shove
> in the right direction I would sincerely appreciate it.
Maybe I'll say something stupid but could not it be treated as "reset
login session"? Then you can easily tune it via login.conf. I'd suggest
you to have a talk with someone already implemented this requirement...
--
Best wishes,
Vadim Zhukov
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?
