[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Bug,- Security Risk, or May Bad?

Subject: Re: [cobalt-users] Bug,- Security Risk, or May Bad?
From: "Robert G. Fisher" <rfisher@xxxxxxxxxxxxxxx>
Date: Tue Mar 28 08:33:19 2000

On Tue, Mar 28, 2000 at 09:30:46AM -0600, Sonny Kupka wrote:
> I use the www.domain.com/siteadmin to add the users. This is why I am 
> confused as to why a domain that has no Telnet rights and an Admin with no 
> Telnet rights can create accounts like that.

This could be changed with an additional check in the UI scripts;
however, it *is* the traditional thing to do that an administrator
or someone with su/sudo/runas permissions can add a user with
any shell they choose.

-- 
Robert G. Fisher		     NEOCOM Microspecialists Inc. 
System Administrator/Programmer      (540) 666-9533 x 116

References:
- [cobalt-users] Bug,- Security Risk, or May Bad?
  - From: Sonny Kupka
- RE: [cobalt-users] Bug,- Security Risk, or May Bad?
  - From: Dan
- RE: [cobalt-users] Bug,- Security Risk, or May Bad?
  - From: Sonny Kupka

Prev by Date: Re: [cobalt-users] xserver on a RaQ3
Next by Date: RE: [cobalt-users] CGI scripts on RAQ3i
Previous by thread: RE: [cobalt-users] Bug,- Security Risk, or May Bad?
Next by thread: Re: [cobalt-users] Bug,- Security Risk, or May Bad?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index