Date: 22 Feb 2001 09:07:26 +0000 From: Wayne Pascoe <wayne.pascoe@realtime.co.uk> To: "Ted Mittelstaedt" <tedm@toybox.placo.com> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: login-MODEM Message-ID: <m3d7cbcchd.fsf@zaphod.realtime.co.uk> In-Reply-To: <004701c09cad$b8c88c40$1401a8c0@tedm.placo.com> References: <004701c09cad$b8c88c40$1401a8c0@tedm.placo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"Ted Mittelstaedt" <tedm@toybox.placo.com> writes: > Your way overstating the security risks here. What risks?! There's nothing > that a user can do on a shell server that they can't do already by setting > up a > UNIX system and dialing into us, except for screwing other users on that > server, I disagree. I was looking at providing shell access for my users, to the server that their web pages lived on. I decided against it for a couple of reasons. The main one was that if a local root exploit comes out at 2am and I only see the announcement at 8am when I wake up, there is a good chance that one of my users will have rooted my server. This means complete reload. Not fun! > and if all the users understand that the shell server is basically the kids > playroom and you need to protect yourself, and that files placed on it are > not backed up, why then who cares what they do to the server? If one day > I find that some kiddie has trashed it, so what, I can see when it happened, > check the radius logs to see who was on it, very likely find out that way > who did it, suspend their account, and in an hour I can reimage the system > disk and we are back up and running. > Ok, I was looking at shell access not for playground but for managing users own website. I still haven't found a good way of doing this. > Ted Mittelstaedt tedm@toybox.placo.com > Author of: The FreeBSD Corporate Networker's Guide > Book website: http://www.freebsd-corp-net-guide.com I had a look at your book at the local bookstore yesterday (Foyles) Nice work! -- - Wayne Pascoe E-mail: wayne.pascoe@realtime.co.uk Phone : +44 (0) 20 7544 4668 Mobile: +44 (0) 788 431 1675 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m3d7cbcchd.fsf>