Skip to content
This repository has been archived by the owner on Sep 7, 2024. It is now read-only.

Blacklist certain account names? #9

Open
oxr463 opened this issue Oct 8, 2021 · 0 comments
Open

Blacklist certain account names? #9

oxr463 opened this issue Oct 8, 2021 · 0 comments
Assignees
@oxr463
Labels
question Further information is requested

Comments

@oxr463
Copy link
Contributor

oxr463 commented Oct 8, 2021
edited
Loading

@neverrend:

Currently the app works in such a fashion that it accepts the username and turns it into an email. Should block certain usernames such as root to prevent automated attacks from bots looking for low hanging fruit.

@oxr463:

It should check local users. The lookups for that are done by libnss_aad.

Source: https://github.com/CyberNinjas/pam_aad/blob/master/pam_aad.c#L500

See: https://linux.die.net/man/3/pam_get_user

See: CyberNinjas/pam_aad#54
@oxr463 oxr463 added the question Further information is requested label Oct 8, 2021
@oxr463 oxr463 self-assigned this Oct 8, 2021
@oxr463 oxr463 added this to the v1.0.0 milestone Oct 8, 2021
@oxr463 oxr463 removed this from the v1.0.0 milestone Nov 3, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@oxr463 oxr463

Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@oxr463