From 36a7a0d85945d4d88f8af8f127291a060363b9c7 Mon Sep 17 00:00:00 2001
From: ache <ache@FreeBSD.org>
Date: Thu, 3 Jan 2002 16:04:57 +0000
Subject: [PATCH] Turn off USER_LOCKING which allows intruder to completely
 disable OPIE for some user just by entering user name and doing nothing on
 password prompt

---
 lib/libopie/config.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/libopie/config.h b/lib/libopie/config.h
index bf91b2e68e8d..b6ad39bbbf03 100644
--- a/lib/libopie/config.h
+++ b/lib/libopie/config.h
@@ -1,3 +1,4 @@
+/* $FreeBSD$ */
 /* config.h.  Generated automatically by configure.  */
 /* config.h.in.  Generated automatically from configure.in by autoheader.  */
 
@@ -177,8 +178,9 @@
 /* Defined if su should not switch to disabled accounts */
 /* #undef SU_STAR_CHECK */
 
+/* Don't turn it on! It allows intruder easily disable whole OPIE for user */
 /* Defined if user locking is to be used */
-#define USER_LOCKING 1
+/* #undef USER_LOCKING */
 
 /* Define if you have the bcopy function.  */
 /* #undef HAVE_BCOPY */