From owner-freebsd-questions@FreeBSD.ORG  Thu May 28 17:41:07 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D0FC61065672
	for <freebsd-questions@freebsd.org>;
	Thu, 28 May 2009 17:41:07 +0000 (UTC)
	(envelope-from freebsd@edvax.de)
Received: from mx02.qsc.de (mx02.qsc.de [213.148.130.14])
	by mx1.freebsd.org (Postfix) with ESMTP id 8C02A8FC25
	for <freebsd-questions@freebsd.org>;
	Thu, 28 May 2009 17:41:07 +0000 (UTC)
	(envelope-from freebsd@edvax.de)
Received: from r55.edvax.de (port-92-195-65-8.dynamic.qsc.de [92.195.65.8])
	by mx02.qsc.de (Postfix) with ESMTP id 489AC16C146A;
	Thu, 28 May 2009 19:40:34 +0200 (CEST)
Received: from r55.edvax.de (localhost [127.0.0.1])
	by r55.edvax.de (8.14.2/8.14.2) with SMTP id n4SHeW4r008548;
	Thu, 28 May 2009 19:40:33 +0200 (CEST)
	(envelope-from freebsd@edvax.de)
Date: Thu, 28 May 2009 19:40:32 +0200
From: Polytropon <freebsd@edvax.de>
To: utisoft@gmail.com
Message-Id: <20090528194032.e31ec225.freebsd@edvax.de>
In-Reply-To: <b79ecaef0905281004h7a1f40cvb65f005d9ebe5318@mail.gmail.com>
References: <200905281030.n4SAUXdA046386@banyan.cs.ait.ac.th>
	<200905280847.12966.kirk@strauser.com>
	<alpine.BSF.2.00.0905281553001.60364@wojtek.tensor.gdynia.pl>
	<200905280904.44025.kirk@strauser.com>
	<20090528183801.82b36bbb.freebsd@edvax.de>
	<b79ecaef0905281004h7a1f40cvb65f005d9ebe5318@mail.gmail.com>
Organization: EDVAX
X-Mailer: Sylpheed 2.4.7 (GTK+ 2.12.1; i386-portbld-freebsd7.0)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Cc: Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl>,
	freebsd-questions@freebsd.org, Chris Rees <utisoft@googlemail.com>
Subject: Re: Remotely edit user disk quota
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Polytropon <freebsd@edvax.de>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 28 May 2009 17:41:08 -0000

On Thu, 28 May 2009 18:04:23 +0100, Chris Rees <utisoft@googlemail.com> wrote:
> [The OP] even said 'secure' twice. There is a web server involved, meaning
> possibility of compromise (we all know how secure web servers tend to
> be), and then one has access to network traffic for sniffing. Also, if
> this is for quotas, then surely the people accessing the server via
> *NFS* are inside the network?

Yes, I agree to that, but it doesn't stand in any contradiction to
what I said, or what Wojciech said.

So for the OP, security is needed. As it has been mentioned, using
encryption tunnels is one (valid) means to do this, SSH is another,
and both of them can even be combined. If the environment is that
insecure that it doesn't allow rsh / rlogin, then DO NOT USE IT.
But if it is, why not? At least, the OP's description involving
web servers doesn't justify using "just" rsh / rlogin, and not
telnet, of course. :-)


-- 
Polytropon
>From Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...