[PATCH 0/2] increasing delays after invalid login attempts (no PAM)
Denys Vlasenko
vda.linux at googlemail.com
Wed Apr 14 15:16:42 UTC 2021
This increases code by 1 kilobyte.
This is too much for simple counting of login failures.
Please document names and format of files you use for recording
failures.
On Wed, Apr 14, 2021 at 1:27 PM Hemmo Nieminen <hemmo.nieminen at iki.fi> wrote:
>
> Hello,
>
> In our project some delays after invalid login attempts were requested
> and while PAM would already have supported that we didn't really want to
> take PAM into use.
>
> This is my attempt to implement that without using PAM. A file under /tmp
> is used to store a counter that will be used as a multiplier for the
> amount of time we wait after invalid login attempts.
>
>
> Hemmo Nieminen (2):
> libbb: add support for tallying with files
> login: improve login delays after invalid attempts
>
> include/libbb.h | 12 +-
> libbb/Config.src | 6 +
> libbb/Kbuild.src | 1 +
> libbb/bb_do_delay.c | 32 ++-
> libbb/bb_tally.c | 471 +++++++++++++++++++++++++++++++++++++++++++
> loginutils/login.c | 5 +-
> loginutils/passwd.c | 2 +-
> loginutils/su.c | 2 +-
> loginutils/sulogin.c | 2 +-
> loginutils/vlock.c | 2 +-
> 10 files changed, 518 insertions(+), 17 deletions(-)
> create mode 100644 libbb/bb_tally.c
>
> --
> 2.30.2
>
> _______________________________________________
> busybox mailing list
> busybox at busybox.net
> http://lists.busybox.net/mailman/listinfo/busybox
More information about the busybox
mailing list