[sork] Re: [imp] poppassd - limiting access attempts

DV Black groups@ComputerBums.com
Sun Oct 13 04:23:17 PDT 2002


At 09:33 PM 10/12/2002 -0500, you wrote:
>Quoting DV Black <groups@ComputerBums.com>:
>
> > A security question about the IMP password module:
>
>Are you running IMP 2.x?  If so, it is an IMP password module.  Otherwise
>it is a Horde password module.
>

RH 7.1
   PHP4.2.3
     HORDE2.1
       IMP3.1


> > If we were to install the password module into IMP,
> > would it be possible to limit the number of attempts
> > to find and change the old password (via poppassd)?
>
>There is no provision in the passwd module for this.  So, you would need
>to either find a poppassd server that supports this, or code it into either
>passwd or poppassd.  I don't know of any poppassd servers that support this.
>
>My suggested way to do this would be to have a PAM based system, and have PAM
>control the number of password changes per account per time period.  Than
>I would get a PAM enabled poppassd server.  That would be the best practice
>way of doing it, in the unix/VMS/PAM world at least -- you don't say which
>OS the passwords are on...
>
> > - Thanks
> >    Don V Black
>
>--
>Eric Rostetter
>The Department of Physics
>The University of Texas at Austin
>
>Why get even? Get odd!
>--
>Sork mailing list
>Frequently Asked Questions: http://horde.org/faq/
>To unsubscribe, mail: sork-unsubscribe@lists.horde.org


+ + + + + + + + + + + + + + + + + + + + + +
Join the Pros at your IEEE Computer Society
          http://www.IEEE-OCCS.org

Digital ChoreoGraphics       http://www.dcgfx.com
3D Visualization Software    Design & Development
1-949-548-1969                 dcg02@softcafe.net



More information about the sork mailing list