[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] [raq4] FTP - Admin user denied ?!!?

Subject: Re: [cobalt-users] [raq4] FTP - Admin user denied ?!!?
From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Date: Mon Jan 14 22:54:05 2002
Organization: nobaloney.net
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

It's been over a week, and I really don't owe an answer anyway, but...

Kai Deecke wrote:

> None of what people have posted rectifies my problem. I have no privelages.
> I choose to FTP to my box. I need access to ALL sites at ANY time of day /
> night.

When I first saw your post Kai, I got upset; I was thinking that all I
run into tonight are people who can do everything better than everyone
else but still want everyone else to do it for them...

But I decided I could be wrong... I went to the fridge, make a 3-scoop
dish of chocolate ice cream and sat down and thought about it.

Here's what I came up with.

The limitation is a limitation of Unix.  It goes back as far as Unix
does.  You can't belong to more than 32 groups (groups are almost but
not quite the same as sites).

But can you get around it?  YES.

You can have all the sites owned by ONE person, with separate group
membership to give you the false impression of security.

What happens if you rewrite your system privileges to do it this way
(and no, no-one at Cobalt will help you, and probably no unix consultant
either, unless you sign a disclaimer first) is you'll give up ALL
security for the sites.  If you're going to set up all the sites for
you, yourself, this could be a viable alternative, but you'd have to do
it outside the gui; Cobalt/Sun most likely isn't going to make such
insecurity a feature, but they might be willing to implement it for you
at their normal consulting rate.  They'd probably want you to sign a
dislcaimer first, as well; as this is VERY INSECURE.

> I currently have no privelages to view ( some ) edit and delete.. I'm very
> annoyed. I will arrange to hire an expert tomorrow when business hours open
> to fix the problem. I thank you guys for the free help, but none of you have
> addressed my *REAL* problem.

You can do ALL OF THE ABOVE.  You just can't do it to all sites unless
they're all owned by the same owner.  And that the gui won't do.

Unix/Linux lets you do it by giving all the sites the same ownership. 
The gui won't because to do so makes the box too insecure to be used as
a hosting appliance, which was the main design criterion.

> If you can help me,..... please do...

On a straight linux box, I could.  On a RaQ, or with any other standard
appliance package (Plesk, Ensim) I couldn't.

> Btw. Can anyone suggest a cobalt expert in Australia? I have a guy at the
> Gold Coast and he's fairly good.

I'm in California and do a fair bit of consulting in Australia.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA  92517
voice: (909) 778-9980  *  fax: (702) 548-9484

References:
- RE: [cobalt-users] [raq4] FTP - Admin user denied ?!!?
  - From: Kai Deecke

Prev by Date: Re: [cobalt-users] pkg.nl.cobalt - Open SSH
Next by Date: Re: [cobalt-users] [raq4] FTP - Admin user denied ?!!?
Previous by thread: Re: [cobalt-users] [raq4] FTP - Admin user denied ?!!?
Next by thread: [cobalt-users] FTP - Admin user denied ?!!? - RaQ4R

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index