Blacklist certain account names?
oxr463 opened this issue · 0 comments
oxr463 commented
Currently the app works in such a fashion that it accepts the username and turns it into an email. Should block certain usernames such as root to prevent automated attacks from bots looking for low hanging fruit.
It should check local users. The lookups for that are done by
libnss_aad.Source: https://github.com/CyberNinjas/pam_aad/blob/master/pam_aad.c#L500