aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrey A. Chernov <ache@FreeBSD.org>2002-01-03 16:04:57 +0000
committerAndrey A. Chernov <ache@FreeBSD.org>2002-01-03 16:04:57 +0000
commit50a5189f9e9d9893fd23e8cfd3e4c27520b8dc1f (patch)
tree7d061ee64b933f1d48bf690e5916f176ed932d4e
parent57766554c63ab6f1e228d659b9e933d9a7b2355b (diff)
downloadsrc-50a5189f9e9d9893fd23e8cfd3e4c27520b8dc1f.tar.gz
src-50a5189f9e9d9893fd23e8cfd3e4c27520b8dc1f.zip
Turn off USER_LOCKING which allows intruder to completely disable OPIE
for some user just by entering user name and doing nothing on password prompt
Notes
Notes: svn path=/head/; revision=88846
-rw-r--r--lib/libopie/config.h4
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/libopie/config.h b/lib/libopie/config.h
index bf91b2e68e8d..b6ad39bbbf03 100644
--- a/lib/libopie/config.h
+++ b/lib/libopie/config.h
@@ -1,3 +1,4 @@
+/* $FreeBSD$ */
/* config.h. Generated automatically by configure. */
/* config.h.in. Generated automatically from configure.in by autoheader. */
@@ -177,8 +178,9 @@
/* Defined if su should not switch to disabled accounts */
/* #undef SU_STAR_CHECK */
+/* Don't turn it on! It allows intruder easily disable whole OPIE for user */
/* Defined if user locking is to be used */
-#define USER_LOCKING 1
+/* #undef USER_LOCKING */
/* Define if you have the bcopy function. */
/* #undef HAVE_BCOPY */