From owner-freebsd-hackers Wed Oct 22 16:25:55 1997
From: "George M. Ellenburg"
To: "Daniel O'Callaghan" , "Charles Mott"
Subject: Re: Password files and virtual IP addresses
Date: Wed, 22 Oct 1997 19:24:20 -0400
Message-ID: <01bcdf41$9f805fb0$f828cccf@caffeine>

What about the problem with "username re-use" with the effective UIDs of
the users?  Wouldn't 'webmaster@somedomain.com' and
'webmaster@anotherdomain.com' effectively have the same UID (excluding
Sendmail tables/tricks)?  That is, if both users physically log in to the
server with the user of 'webmaster'.  How would you bypass the UIDs
physically recorded in the UFS directory structure?

G.M.E.

-----Original Message-----
From: Daniel O'Callaghan
To: Charles Mott
Cc: freebsd-hackers@FreeBSD.ORG ; freebsd-isp@FreeBSD.ORG
Date: Wednesday, October 22, 1997 7:04 PM
Subject: Re: Password files and virtual IP addresses

|
|On Wed, 22 Oct 1997, Charles Mott wrote:
|
|> Suppose that one wanted to create different virtual
|> IP addresses with ifconfig alias, and when people telnet
|> or ftp or access pop3/imap2 at a virtual address, a
|> password file specific to that virtual address would be
|> used.  This would allow username re-use.
|
|You *could* do it by hacking getpw*(3) and including a call to
|getsockname(2).
|
|I do it by building virtual machines using a hacked inetd(8) which does a
|getsockname(2) followed by a chroot(2) to the virtual machine.  The vm
|needs to have ld.so and lib/* etc, etc, etc.  It is great for allowing
|telnet access to web sites while preventing customers from peeking at
|each other's stuff.
|
|
|/* Daniel O'Callaghan */
|/* HiLink Internet                       danny@hilink.com.au */
|/* FreeBSD - works hard, plays hard...   danny@freebsd.org   */
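
The getsockname(2)-then-chroot(2) step described in the quoted reply, as an added example (not code from the thread or from the inetd it mentions). The address table, the /vm/... paths and the function names are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE 1 /* exposes chroot(2) on glibc; harmless elsewhere */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Constructed mapping (assumption): local alias address -> jail root. */
static const struct { const char *addr, *root; } vhosts[] = {
    { "192.0.2.10", "/vm/customer-a" },
    { "192.0.2.11", "/vm/customer-b" },
    { "127.0.0.1",  "/vm/loopback-test" },
};

/* Jail root for a local address; NULL if it is not a configured alias. */
const char *vroot_lookup(const struct sockaddr_in *local)
{
    char text[INET_ADDRSTRLEN];
    if (local->sin_family != AF_INET ||
        inet_ntop(AF_INET, &local->sin_addr, text, sizeof text) == NULL)
        return NULL;
    for (size_t i = 0; i < sizeof vhosts / sizeof vhosts[0]; i++)
        if (strcmp(text, vhosts[i].addr) == 0)
            return vhosts[i].root;
    return NULL;
}

/* getsockname(2) reports which local address the client connected to. */
const char *vroot_for_socket(int fd)
{
    struct sockaddr_in local;
    socklen_t len = sizeof local;
    memset(&local, 0, sizeof local);
    if (getsockname(fd, (struct sockaddr *)&local, &len) != 0)
        return NULL;
    return vroot_lookup(&local);
}

/* Confine the process before exec'ing the service (needs root). Returns -1
 * for an unknown address so the caller can refuse service instead of
 * running it in the host root. */
int enter_vroot(int fd)
{
    const char *root = vroot_for_socket(fd);
    if (root == NULL || chdir(root) != 0 || chroot(root) != 0 || chdir("/") != 0)
        return -1;
    return 0;
}
```

enter_vroot() is meant to be called in the forked child on the accepted connection, before the service binary is executed; the chdir("/") after chroot(2) keeps the working directory from pointing outside the new root.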