[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
user access to network - summary
Thanks to everybody who answered. Your suggestions were very helpful.
I decided to go for an arrangement which is easier to implment than a
full-fledged client-daemon solution in C, yet gives the same level of
security.
The users can operate one of two scripts that write their requests to a
file in /tmp. Root operates a cron job that reads this file every
minute, executes a script to fulfill the request and then deletes the
file.
This method has the added benefit that by inducing a controllable delay
in fulfilling the users' requests, one prevents a D.O.S. exploit that
can be created otherwise, by switching between the two networks at high
frequency.
Needless to say, there are better methods, as suggested by some of you,
but this one is very easy to create and modify, and seems rather safe.
Please correct me if I'm wrong in this last point.
Tuvik
--
--------------------------------------------
Tuvik Beker
P.O. Box 571, Givatayim 53104
Tel. (972) 3 5714436 Fax. (972) 3 5334349
becket@shum.huji.ac.il
--------------------------------------------