Index: doc/hpux.txt =================================================================== RCS file: /usr/local/taracvs/tiger-3.2/doc/hpux.txt,v retrieving revision 1.2 diff -u -p -r1.2 hpux.txt --- doc/hpux.txt 27 Jun 2003 02:49:00 -0000 1.2 +++ doc/hpux.txt 11 Jul 2003 00:59:21 -0000 @@ -7,3 +7,11 @@ http://www.faqs.org/faqs/hp/hpux-faq/sec and at the HP document "Administering your HP-UX Trusted System" (B2355-90121) available at http://docs.hp.com/hpux/onlinedocs/B2355-90121/B2355-90121.html +%trust002w +When the system is in trusted mode, HP-UX can enforce a default +number of login attempts before the account is disabled. This +is useful for prefenting potential intruders from brute forcing +and/or guessing passwords. Since limiting the number of logins +can also be used as a Denial of Service attack, the number of +login attempts is configurable on a per-user basis. Read the +default(4) and modprpw(1M) man pages for additional information. Index: systems/HPUX/check_trusted =================================================================== RCS file: /usr/local/taracvs/tiger-3.2/systems/HPUX/check_trusted,v retrieving revision 1.2 diff -u -p -r1.2 check_trusted --- systems/HPUX/check_trusted 27 Jun 2003 03:00:29 -0000 1.2 +++ systems/HPUX/check_trusted 11 Jul 2003 00:59:21 -0000 
@@ -65,20 +65,27 @@ done # elements are set. # [ "$Tiger_TESTMODE" = 'Y' ] && { - haveallfiles BASEDIR WORKDIR || exit 1 + haveallfiles BASEDIR || exit 1 haveallcmds GETPRDEF || exit 1 echo "--CONFIG-- [init003c] $0: Configuration ok..." exit 0 } #------------------------------------------------------------------------ -haveallfiles BASEDIR WORKDIR || exit 1 +haveallfiles BASEDIR || exit 1 haveallcmds GETPRDEF || exit 1 echo echo "# Verifying trusted mode..." -$GETPRDEF /usr/lbin/getprdef -r 2>&1 >/dev/null +$GETPRDEF -r 2>&1 >/dev/null if [ $? -eq 4 ]; then message WARN trust001w "" "The system is not running in trusted mode." + exit 0 fi + +# Verify the number of login attempts are limited. +num=`$GETPRDEF -m umaxlntr` +([ -z "$num" ] || (( ${num#umaxlntr=} < 1 ))) && { + message WARN trust002w "" "The system is not configured to limit the number of login attempts." +}
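Review bot: In the new %trust002w entry in doc/hpux.txt, "prefenting" is a typo for "preventing", and "limiting the number of logins" should read "limiting the number of login attempts" to match the first sentence of the entry. The text would also be more useful if it said which setting triggers the message, since check_trusted raises trust002w when the umaxlntr default is below 1 and the explanation never names that field or the value that means "no limit".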
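Review bot: In the check_trusted hunk, the new test `([ -z "$num" ] || (( ${num#umaxlntr=} < 1 )))` does not validate what getprdef printed: an empty result from a failed `$GETPRDEF -m umaxlntr` call is reported as trust002w even though the limit was never read, and non-numeric output is passed straight into the arithmetic expression instead of being rejected. Suggest stripping the prefix into its own variable, checking that it is numeric with a `case` pattern, and emitting a separate message when the value cannot be determined, so a tool failure is not presented as a weak configuration. The redirection kept on the `$GETPRDEF -r 2>&1 >/dev/null` line sends only stdout to /dev/null and leaves stderr on the terminal; `>/dev/null 2>&1` silences both if that is the intent. Only exit status 4 is handled after that call, so any other failure of `-r` falls through to the umaxlntr check rather than stopping at the new `exit 0`.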