[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: user access to network - summary
Gaal Yahas wrote:
>
> On Wed, May 13, 1998 at 09:08:14PM +0300, Tuvik Beker wrote:
>
> > Needless to say, there are better methods, as suggested by some of you,
> > but this one is very easy to create and modify, and seems rather safe.
> > Please correct me if I'm wrong in this last point.
>
> If everyone on the machine is trusted.
>
> With this solution, any account owner can probably PREVENT the change
> from occuring by deleting the file.
Not really! A user creates the file with his own permissions, so another
user cannot delete it. Root deletes it after fulfilling the request.
> Also, if you decide to go this way, at least have the script check
> ownership of the semaphore and do some sanity checks (probably logging
> too?).
Naturally.
As I said, it's far from perfect, and to do it properly it needs the
usual checks and precautions which I have implemented only partially,
but these can be very easily added.
T.
--
--------------------------------------------
Tuvik Beker
P.O. Box 571, Givatayim 53104
Tel. (972) 3 5714436 Fax. (972) 3 5334349
becket@shum.huji.ac.il
--------------------------------------------