Date: Tue, 3 Dec 1996 13:12:12 +0500 (ESK) From: "Serge A. Babkin" <babkin@hq.icb.chel.su> To: hackers@freebsd.org Subject: Does anybody need it ? Message-ID: <199612030812.NAA00839@hq.icb.chel.su>
next in thread | raw e-mail | index | archive | help
Hi! In order to use a FreeBSD box in our working environment I did implemented an additional security feature in it. The question is: would it be possible to commit these changes ? The idea is to limit certain logins to be accessible from certain hosts only. So I added a database that describes allowed hosts, say /etc/userhost.conf, in format like: *:host1,host2,host3 user1:host1,host4 user2:* where * means `any user' or `any host'. Then added a function userhostok(user,host) char *user; char *host; that returns 0 if access is permitted or -1 if not, just like ruserok(). Then I added this call to /usr/sbin/login. Perhaps there are other login-like programs that need this call to be added. -SB P.S. By the way, the limit of at most 200 users in one group and the maximal length of record in /etc/group of 1024 characters are TOO small. Perhaps they need to be multiplied by at least 10 to be shure that they wouldn't make a problem.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612030812.NAA00839>