Bugtraq mailing list archives
Re[2]: /etc/shells (was Re: procmail
From: ewedel () MERIDIAN-DATA COM (Eric Wedel)
Date: Thu, 8 Aug 1996 14:35:09 PST
So far, suggestions have focused on user-level attributes. Some of the proposed controls might equally well apply to groups. (For the record I don't advocate single-character flags, though that seems to be a *nix tradition.) Warning: this thread could get really long. :-) regards, Eric Wedel
how about extending the passwd fields one more after the shell so that mine would be something like auderho:x:1298:1:Jauder Ho:/export/home/jauderho:/usr/local/bin/tcsh:tf with single letters representing different options , we can have 62 if we use all the numerals , upper and lower cases of the alphabet. so let's say that t stands for telnet allowed, ftp allowed ... this allows pretty fine grained control over users. --Jauder On Thu, 8 Aug 1996, der Mouse wrote:
(snip)
I can see only two solutions. One would be to make each service maintain its own list of users that are forbidden (or, alternatively, allowed); the other would be to extend the passwd database (or, equivalently, maintain a parallel database) so as to allow tagging each user with arbitrary flags like "ftp access allowed" or "mail forward to pipe forbidden". Anyone have any comments on either, or any other alternatives to suggest? der Mouse mouse () collatz mcrcim mcgill edu 01 EE 31 F6 BB 0C 34 36 00 F3 7C 5A C1 A0 67 1D
Current thread:
- Re: /etc/shells (was Re: procmail Robert Bonomi (Aug 08)
- <Possible follow-ups>
- Re[2]: /etc/shells (was Re: procmail Eric Wedel (Aug 08)