[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Related to telent/shell
- Subject: Re: [cobalt-users] Related to telent/shell
- From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sun Oct 12 19:05:00 2003
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
On Sun, 12 Oct 2003, Swapana Ghosh wrote:
>
> >>Or just open /etc/passwd with your favorite editor...
> >Seems like a RaQ4 uses badsh or something similar for user that
> >>don't have sheell access.
> >>I don't have a RaQ4 on line to look at!
> >>Gerald
>
> Thank you much. Yes i found in the /etc/passwd file.. it is *badsh*. But
> still i am little bit confused that when the site as no *telnet/shell* access,
> then how the other users got the *bash* permission.
>
> Anyway that means if i want to use as root *su - user* then I need to change in
> hte /etc/passwd , then it will work...
>
Not sure how you are testing this,
But one thing that some people misunderstand is that a user who has
shell access can, for instance ssh to any domain on the server.
for instance a user with shell access on host.domain1.tld can use
"ssh shell_user@xxxxxxxxxxxxxxxx" and can gain access to the server, even
though host.domain.2.tld has shell access disabled.
The user is directed to his user area on host.domain1.tld even though
he used the command "ssh shell_user@xxxxxxxxxxxxxxxx".
However no user on the disabled domain, can have shell access.
Gerald
--
http://frontstreetnetworks.com | http://store.raqware.com
Front Street Networks LLC, 229 Front Street, Ste.#C
New Haven, CT 06513-3203 | phone: +1-203-785-0699