Date: Fri, 12 Mar 1999 19:39:06 -0600 (CST) From: Licia <licia@o-o.org> To: Brett Glass <brett@lariat.org> Cc: freebsd-chat@FreeBSD.ORG, fad@o-o.org Subject: Re: added chroot to /usr/bin/login Message-ID: <Pine.BSF.4.05.9903121935220.25104-100000@o-o.org> In-Reply-To: <4.1.19990312182830.03ff2240@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Sure, knock yourself out :) The patches are BSL :)
I'm not familiar with s/key though, so I will have to take your word on it's
functionality :)
hmmm if I remove the chroot-group part, this whole problem would go away for
you too... wonder if it would help anyone else :)
anyway, have fun :)
On Fri, 12 Mar 1999, Brett Glass wrote:
> At 07:25 PM 3/12/99 -0600, Licia wrote:
>
> >For this situation I think really that anything else would be overkill. I'm
> >actually thinking of removing the chroot-group idea, and having it totally
> >based on /etc/login.conf, but for now I think it's ok as it is :)
>
> It might be. The only reason I like the idea of having an /etc/loginchroot
> file is as follows. I currently administer a system that has LOTS of users
> whose access to things must be limited. We started by putting them all
> in one group and using that one GID as a criterion. But the group got
> past 200 users and this started messing up.
>
> Also, there's the problem that a user can only be in some small number
> (16, I think) of groups. Several users are at their limit on that system.
> To add them to a "chroot group" would break things!
>
> I think that S/Key's scheme would be overkill, but that the one used by
> ftpd for the same purpose is about right. It also has the advantage of
> establishing a consistent convention. Would you be willing to let me
> work on this with you? I'd be glad to submit code to test.
>
> --Brett Glass
>
>
>
>
[ licia@o-o.org ] [ http://www.o-o.org/~licia/ ] [ Alias : Ladywolf]
[ Telnet to o-o.org and log in as bbs ] [ ssh -l bbs -C o-o.org ]
[ A happy user of FreeBSD : http://www.freebsd.org/ ]
main(){int num[4]={1768122732,762265697,1919889007,103};printf("%s\n",num);}
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9903121935220.25104-100000>