Turn off USER_LOCKING which allows intruder to completely disable OPIE

for some user just by entering user name and doing nothing on password prompt
author: ache <ache@FreeBSD.org> 2002-01-03 16:04:57 +0000
committer: ache <ache@FreeBSD.org> 2002-01-03 16:04:57 +0000
commit: 36a7a0d85945d4d88f8af8f127291a060363b9c7 (patch)
tree: 7d061ee64b933f1d48bf690e5916f176ed932d4e /lib/libopie
parent: c0930dcf7580f16667f8dea6d1ea58478a5fc7f2 (diff)
download: FreeBSD-src-36a7a0d85945d4d88f8af8f127291a060363b9c7.zip
FreeBSD-src-36a7a0d85945d4d88f8af8f127291a060363b9c7.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/libopie/config.h b/lib/libopie/config.h
index bf91b2e..b6ad39b 100644
--- a/lib/libopie/config.h
+++ b/lib/libopie/config.h
@@ -1,3 +1,4 @@
+/* $FreeBSD$ */
 /* config.h.  Generated automatically by configure.  */
 /* config.h.in.  Generated automatically from configure.in by autoheader.  */
 
@@ -177,8 +178,9 @@
 /* Defined if su should not switch to disabled accounts */
 /* #undef SU_STAR_CHECK */
 
+/* Don't turn it on! It allows intruder easily disable whole OPIE for user */
 /* Defined if user locking is to be used */
-#define USER_LOCKING 1
+/* #undef USER_LOCKING */
 
 /* Define if you have the bcopy function.  */
 /* #undef HAVE_BCOPY */
author	ache <ache@FreeBSD.org>	2002-01-03 16:04:57 +0000
committer	ache <ache@FreeBSD.org>	2002-01-03 16:04:57 +0000
commit	36a7a0d85945d4d88f8af8f127291a060363b9c7 (patch)
tree	7d061ee64b933f1d48bf690e5916f176ed932d4e /lib/libopie
parent	c0930dcf7580f16667f8dea6d1ea58478a5fc7f2 (diff)
download	FreeBSD-src-36a7a0d85945d4d88f8af8f127291a060363b9c7.zip FreeBSD-src-36a7a0d85945d4d88f8af8f127291a060363b9c7.tar.gz