Re: Globetrotter FlexLM 'lmdown' bogosity

[nneul () UMR EDU (Nathan Neulinger)]

I should have sent this in my first reply, but all you need to do is
add the "-x lmdown" and "-x lmremove" options to the command line when you
start lmgrd. That disables the feature.

-- Nathan

On Sun, Sep 27, 1998 at 11:33:32AM -0700, Kemasa wrote:
> > From: Valdis.Kletnieks () VT EDU
> > ...
> > Well, here's an oldie but goodie, which we first saw at least 3 years
> > ago.  Lo and behold, it's apparently STILL broken.  Sorry, no vendor
> > notification - we told them 3 years ago. ;)
> >
> > FlexLM 'lmdown' command will chow your license server from anywhere on
> > the Internet - all you need is a copy of the license file.  The
> > authentication appears to be "Well, you appear to be root on the
> > machine that you typed 'lmdown' on".
>
> Have you looked at the switch options for lmgrd? If you had you
> would find that there is an option to limit the ability to take
> down the license daemons to a specific group, which basically
> stops what you are talking about. I think it is also possible
> to completely ignore a lmdown command since it would be possible
> to try all possible group ids.
>
> It is a bit of a problem that they set it up that way by default
> and since you need not run it as root, you should change the
> owner to something else, change the options and a clean up
> the way the log files work.
>
> You DO have the option of changing the functionality though,
> so you really can't blame them for your not looking at the
> man pages on the program.
>
>
>
>                                                  Kemasa.

------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul () umr edu
University of Missouri - Rolla         Phone: (573) 341-4841
Computing Services                       Fax: (573) 341-4216