[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Telnet access question

Subject: Re: [cobalt-users] Telnet access question
From: alonsog@xxxxxxxxxxxxx
Date: Tue May 30 09:09:13 2000

I happen to be the box's admin but I'm logged in as a virtualsite's admin
user when this happens. Being an amatuer I haven't tried modifying a file
but I sure can list them and browse their properties, ownership, etc. It
may not represent a security issue. But it makes me unconfortable to know
that someone is able to check out my business data (how many sites we host,
what are their names, user names ... etc). Please help. 

On Tue, 30 May 2000 11:57:39 -0400 Grant Cummings wrote:

> Have you actually been able to modify files outside your domain?  Or can
> you
> just view them?
> 
> You mentioned that you're an admin...is that just for the site or for the

> whole box?
> 
> Grant Cummings
> 
> -----Original Message-----
> From: alonsog@xxxxxxxxxxxxx [mailto:alonsog@xxxxxxxxxxxxx]
> Sent: Tuesday, May 30, 2000 11:42 AM
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: [cobalt-users] Telnet access question
> 
> 
> Is it normal that a virtual site's admin user with shell access is able
> to
> navigate beyond his domain's folder? (while under a Telnet Session). I
> havent tried modifying any files because I'm barely learning the ropes,
> but
> it seemed strange to me that I was able to see all the directory tree
> instead of just my domain's portion of it while logged in as a virtual
> site's admin user. Fortunately, I am that user (also the Raq's only
> administrator so far) but it scares me to know that if I give shell
> access
> to any of my admin users he'll be able to make changes beyond his domain.

> Does this present a security risk? is it normal? Please comment...
> 
> Thank you very much,
> Alonso Garcia
> Raq/Linux Newbie
> 
> 
> 
> 
> 
> ---------------------------------------------------------
> This message sent using EMUmail -- http://www.emumail.com
> ---------------------------------------------------------
> 
> Looking for the best deals available on the Net?
> 
> Try the Valet:
> 
> http://valet.flycast.com/valet/info/fc0494/?80843
> 
> 
> 
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
> 
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
> 







---------------------------------------------------------
This message sent using EMUmail -- http://www.emumail.com
---------------------------------------------------------

Looking for the best deals available on the Net?

Try the Valet:

http://valet.flycast.com/valet/info/fc0494/?95520

Prev by Date: [cobalt-users] Why do list group messages bounce
Next by Date: Re: [cobalt-users] raq2 hd
Previous by thread: RE: [cobalt-users] Telnet access question
Next by thread: [cobalt-users] Why do list group messages bounce

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index