Skip site navigation (1)Skip section navigation (2)
Date:      22 Feb 2001 09:07:26 +0000
From:      Wayne Pascoe <wayne.pascoe@realtime.co.uk>
To:        "Ted Mittelstaedt" <tedm@toybox.placo.com>
Cc:        <freebsd-questions@FreeBSD.ORG>
Subject:   Re: login-MODEM
Message-ID:  <m3d7cbcchd.fsf@zaphod.realtime.co.uk>
In-Reply-To: <004701c09cad$b8c88c40$1401a8c0@tedm.placo.com>
References:  <004701c09cad$b8c88c40$1401a8c0@tedm.placo.com>

next in thread | previous in thread | raw e-mail | index | archive | help
"Ted Mittelstaedt" <tedm@toybox.placo.com> writes:

> Your way overstating the security risks here.  What risks?!  There's nothing
> that a user can do on a shell server that they can't do already by setting
> up a
> UNIX system and dialing into us, except for screwing other users on that
> server,

I disagree. I was looking at providing shell access for my users, to
the server that their web pages lived on. I decided against it for a
couple of reasons. The main one was that if a local root exploit comes
out at 2am and I only see the announcement at 8am when I wake up,
there is a good chance that one of my users will have rooted my
server. This means complete reload. Not fun!

> and if all the users understand that the shell server is basically the kids
> playroom and you need to protect yourself, and that files placed on it are
> not backed up, why then who cares what they do to the server?  If one day
> I find that some kiddie has trashed it, so what, I can see when it happened,
> check the radius logs to see who was on it, very likely find out that way
> who did it, suspend their account, and in an hour I can reimage the system
> disk and we are back up and running.
> 

Ok, I was looking at shell access not for playground but for managing
users own website. 

I still haven't found a good way of doing this.

> Ted Mittelstaedt                      tedm@toybox.placo.com
> Author of:          The FreeBSD Corporate Networker's Guide
> Book website:         http://www.freebsd-corp-net-guide.com

I had a look at your book at the local bookstore yesterday (Foyles)
Nice work!

-- 
- Wayne Pascoe 
E-mail: wayne.pascoe@realtime.co.uk
Phone : +44 (0) 20 7544 4668
Mobile: +44 (0) 788 431 1675

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m3d7cbcchd.fsf>