[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Site paths

Subject: Re: [cobalt-users] Site paths
From: "victoria.tc.ca" <wz297@xxxxxxxxxxxxxx>
Date: Sun Feb 27 02:23:39 2000

Using the command " groups " is fine under command line, but what if the
user is FTP'ing into the server and has no telnet access. Does he still need
the full system path when configing cgi's?? or does he need just his home
dir path? And if he needed the system path, how would he find it in FTP?

Randall


----- Original Message -----
From: "Jeff Lasman" <jblists@xxxxxxxxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Saturday, February 26, 2000 11:17 PM
Subject: Re: [cobalt-users] Site paths


> At 08:09 PM 2/26/00 -0800, you wrote:
>
> >When a user on the system is using telnet and cd..'s down past their home
> >dir, how does the user know what site they are in? How would they know if
> >they belong to site1, site2, site3 and so on........
>
>  From the prompt, the user could enter the command:
>
> $ groups
>
> which will return a lit of all the groups of which the user is a
> member.  Presumably he'd be a member of siteX where x is the number of the
> site.
>
> >I guess they could just user the cd command to go back to their home dir
and
> >the pwd command to get the system path for configuring CGI and Perl
scripts,
> >but their must be an easier way to do this.
>
> Telnet is definitely made for people with clue.
>
> Because of the unix/linux permissions system, it's rare for a user (even a
> site administrator) to be able to completely destroy a system without
> intentionally wanting to do so, but s/he can certainly destroy his own
> site.  One misplaced space-bar keypress can easily do it.  With intent,
> it's pretty easy to completely destroy a system.  Especially a default,
> out-of-the-box system.
>
> >Maybe perhaps naming the HOME
> >dir the same as the username?? or is this done to restrict hackers from
> >getting usernames??
>
> I doubt it, since you can get the entire username list no matter how
> underprivileged you are, by telnetting into the system and doing (from
your
> home directory):
>
> $ cat /etc/passwd >anyfilename
>
> and then FTPing anyfilename into your own system.
>
> >But on the otherside if it was a hacker that knew a bit
> >about the Unix O/S they would know that the users names are in the
password
> >file, and httpd.conf file, log files, and the list goes on and on.
>
> as you've just noted <smile>.
>
> >Is their a way to change the user creation process to create the user
dirs
> >with the same name as the user name? This is the first time I have seen
this
> >type of setup on a Unix system and I think it is an unnecessary step in
the
> >user creation process.
>
> It's done this way to make the gui easier to write, maintain and manage.
>
> Jeff
>
> --
> Jeff Lasman <jblists@xxxxxxxxxxxxx>
>
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>

Follow-Ups:
- Re: [cobalt-users] Site paths
  - From: Mat Kovach
- Re: [cobalt-users] Site paths
  - From: Jeff Lasman

References:
- Re: [cobalt-users] Site paths
  - From: Jeff Lasman

Prev by Date: Re: [cobalt-users] New Cobalt Support Site
Next by Date: Re: [cobalt-users] CGI executing on second domain for anaccount
Previous by thread: Re: [cobalt-users] Site paths
Next by thread: Re: [cobalt-users] Site paths

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index