[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Allowing FTP Root access

Subject: Re: [cobalt-users] Allowing FTP Root access
From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Date: Mon Oct 30 02:16:03 2000
Organization: nobaloney.net
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Clint Decker wrote:

> If its so easy for someone else to login as root through FTP and "guess" the
> password.... what is preventing them from loging in to telnet as admin and
> su to root?  They can do the same damage that way!

Nothing.  People do it all the time.  Hopefully you have an unguessable
root password; we use something like "aW4nc3n6"  (and now that I've
mentioned this one I'll never use it).

> What are the commands to change the permissions on a folder... is it
> something like:
> 
> chown admin /foldername

This changes ownership, and NOT permissions.  It's also extremely
insecure.  Files and folders owned by root are obviously owned by root
specifically to keep non-root-users out of them, since root itself can
operate on any file no matter who owns it.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
nobaloney.net
P. O. Box 52672
Riverside, CA  92517
voice: (909) 787-8589  *  fax: (909) 782-0205

References:
- RE: [cobalt-users] Allowing FTP Root access
  - From: Carrie Bartkowiak
- Re: [cobalt-users] Allowing FTP Root access
  - From: Clint Decker

Prev by Date: Re: [cobalt-users] Changing host and domain name on RAQ3
Next by Date: Re: [cobalt-users] Using Equifax Certs with the Brosoft Server
Previous by thread: RE: [cobalt-users] Allowing FTP Root access
Next by thread: Re: [cobalt-users] How to change anonymous FTP to allow downloads??

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index