Hey, Nicolai. Good to hear that you've got a package up. I packaged my own a while back using CDBS, but didn't go to the extent that you had. I cannot get to mentors for some reason right now to check it out.
Regarding libpam_abl's shortcommings, I'm surprised that an autopurge isn't implemented, and I'm equally surprised that it doesn't track failed attempts on known users. I had ran some tests, albeit not extensive, on this and I believe it recorded failed attempts for known users. It would be relatively useless if it didn't. I was also under the impression that it has two types of blocking, host level and user level. By your account, host level blocking isn't working? Again, this would be a very large detriment to the package, making it less than useful. With respect to some of the DD's responses toward blocking failed login attempts, there is some wisdom in using sane parameters when implementing this type of security. However, I do believe it has a place in the stack of tools used to discourage inappropriate behavior. "Defense in Depth" is a phrase uttered repeatedly at any security courses I've taken. You have at least two DD's now that believe it has a place in the Debian archive. Eric, if you could sponsor the package, that would be great. I personally have no time to take on more packages. -- Chad Walstrom <[EMAIL PROTECTED]> http://www.wookimus.net/ assert(expired(knowledge)); /* core dump */ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]