diff options
Diffstat (limited to 'doc/man/pam_fail_delay.3')
| -rw-r--r-- | doc/man/pam_fail_delay.3 | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/doc/man/pam_fail_delay.3 b/doc/man/pam_fail_delay.3 index 47d63b73..ea7f0abe 100644 --- a/doc/man/pam_fail_delay.3 +++ b/doc/man/pam_fail_delay.3 @@ -1,13 +1,13 @@ '\" t .\" Title: pam_fail_delay .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/18/2017 +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 06/08/2020 .\" Manual: Linux-PAM Manual .\" Source: Linux-PAM Manual .\" Language: English .\" -.TH "PAM_FAIL_DELAY" "3" "05/18/2017" "Linux-PAM Manual" "Linux-PAM Manual" +.TH "PAM_FAIL_DELAY" "3" "06/08/2020" "Linux-PAM Manual" "Linux-PAM Manual" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -74,7 +74,7 @@ For applications written with a single thread that are event driven in nature, g item\&. It can be queried and set with \fBpam_get_item\fR(3) and -\fBpam_set_item \fR(3) +\fBpam_set_item\fR(3) respectively\&. The value used to set it should be a function pointer of the following prototype: .sp .if n \{\ @@ -98,7 +98,9 @@ that the application has associated with the current \fIpamh\fR\&. This last value was set by the application when it called \fBpam_start\fR(3) or explicitly with -\fBpam_set_item\fR(3)\&. Note, if PAM_FAIL_DELAY item is unset (or set to NULL), then no delay will be performed\&. +\fBpam_set_item\fR(3)\&. +.PP +Note that the PAM_FAIL_DELAY item is set to NULL by default\&. This indicates that PAM should perform a random delay as described above when authentication fails and a delay has been suggested\&. If an application does not want the PAM library to perform any delay on authentication failure, then the application must define a custom delay function that executes no statements and set the PAM_FAIL_DELAY item to point to this function\&. .SH "RATIONALE" .PP It is often possible to attack an authentication scheme by exploiting the time it takes the scheme to deny access to an applicant user\&. In cases of |