
Re: [cobalt-users] Security?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Now it just happens that with this particular user, the password is
> the same as my siteadmin (long story) and the username is
> different.  He typed in admin as the username rather than
> hisdomainadmin and this is what happened.
>
> I'm guessing that you could use any domain on the server and, as
> long as you get the right username and password, you would be in?

Yes... if he put in 'admin' as the username and a correct password, 
he'll get admin access to the server...

www.example.com/admin/ is a 'global' redirect to the RaQ Admin UI (at 
/usr/admserv/html/.cobalt/sysManage/) -- you can put /admin after any 
domain or IP address on the RaQ and it will give you admin access if 
you enter 'admin' and the password.

www.example.com/siteadmin is a site-specific redirect, and redirects 
you to HTML in /usr/admserv/html/.cobalt/siteManage/siteXX/

- -- 
Bruce Timberlake

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+Hs8nvLA2hUZ9kgwRAtQOAJ486aq6/6+c+FyuydYn0UhExKkXFgCfefvp
J4EXJdQXmIDg5yL3la0H2Ys=
=6+pJ
-----END PGP SIGNATURE-----