[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Severe Security Problem Between Sites

Subject: Re: [cobalt-users] Severe Security Problem Between Sites
From: "Robert G. Fisher" <rfisher@xxxxxxxxxxxxxxx>
Date: Tue Mar 28 05:50:25 2000

On Tue, Mar 28, 2000 at 03:29:42AM -0600, Liz wrote:
> >1. Everybody has Telnet access to ALL sites!
> 
> That's precisely why I don't give virtual sites Telnet access.  Security 
> stinks on the RaQ3.  This isn't an OpenSource Linux problem, this is a 
> Cobalt problem with not addressing this security issue.  No user should be 
> able to freely move about the whole server and be able to read another's 
> directory or files.

short of using chroot, or setting permissions on /home/sites/* to be
-rwxrwx--- where the owner for all files is httpd, and the group is
the admin group, there's not much that can be done there.


-- 
Robert G. Fisher		     NEOCOM Microspecialists Inc. 
System Administrator/Programmer      (540) 666-9533 x 116

References:
- [cobalt-users] Severe Security Problem Between Sites
  - From: Michael Hoennig
- Re: [cobalt-users] Severe Security Problem Between Sites
  - From: Liz

Prev by Date: [cobalt-users] Qube2 smb-net logon scripts "a la mode NT"
Next by Date: Re: [cobalt-users] Disk is nearly full (Warning a New User Question)
Previous by thread: Re: [cobalt-users] Severe Security Problem Between Sites
Next by thread: RE: [cobalt-users] Severe Security Problem Between Sites

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index