Date: Thu, 18 Mar 1999 16:56:05 +0100 (CET) From: Zahemszky Gabor <zgabor@CoDe.hu> To: freebsd-security@freebsd.org Subject: Re: disk quota overriding Message-ID: <199903181556.QAA00446@CoDe.hu> In-Reply-To: <Pine.BSF.4.05.9903171655510.13967-100000@nathan.enteract.com> from David Scheidt at "Mar 17, 99 05:01:00 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> On Wed, 17 Mar 1999, Jon Hamilton wrote: > > :Under HP-UX 9.x, the behavior you describe was the default, and it > :was changable by altering a kernel config parameter and relinking the > :kernel. The same tunable is available under 10.x, but I'm less certain > :what the default behavior is there. Whether quotas are enabled or not > :does not affect the behavior, only the kernel tunable parameter. > > This is still the default in 10.20. At least, all of the machines around here > are that way. It has some uses on test and lab type machines, as it makes > some tasks not have to involve root. As default behavior for a production > machine, it is damn silly. Hrrr! RTFM! on any HP-UX system, you have to type ``man setprivgrp'', and read ahead about the priviledges. Eg. there is one (I think the name is CHOWN ;-), which allow or deny a normal user (groups of user) to use the chown syscall (a'la SYSV vs. BSD). In all of my HP-sysadmin trainings, I say that at the time of quotas. Bye, ZGabor at CoDe dot HU PS: if I know well, there isn't any kernel parameter you have to change. (Well, I'd like to ask you to write me the name of it, as I don't know about it.) By the way you are right, the setprivgrp command isn't documented in HP's UNIX course docs (only in the HP-UX security), only in the manual. I know, I teach it. PS2: go away from fbsd-sec with this off-topic thread about HP-UX. There are more Unices, which has chown with AT&T semantics. Well, not so many with quotas (and FFS), as HP. -- #!/bin/ksh Z='21N16I25C25E30, 40M30E33E25T15U!' ;IFS=' ABCDEFGHIJKLMNOPQRSTUVWXYZ ';set $Z ;for i { [[ $i = ? ]]&&print $i&&break;[[ $i = ??? ]]&&j=$i&&i=${i%?};typeset -i40 i=8#$i;print -n ${i#???};[[ "$j" = ??? ]]&&print -n "${j#??} "&&j=;typeset +i i;};IFS=' 0123456789 ';set $Z;X=;for i { [[ $i = , ]]&&i=2;[[ $i = ?? ]]||typeset -l i;X="$X $i";typeset +l i;};print "$X" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199903181556.QAA00446>