Date: Wed, 4 Dec 1996 00:02:25 +1100 (EST) From: Julian Assange <proff@suburbia.net> To: babkin@hq.icb.chel.su (Serge A. Babkin) Cc: hackers@freebsd.org Subject: Re: Does anybody need it ? Message-ID: <199612031302.AAA07300@suburbia.net> In-Reply-To: <199612030812.NAA00839@hq.icb.chel.su> from "Serge A. Babkin" at "Dec 3, 96 01:12:12 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> Hi! > > In order to use a FreeBSD box in our working environment I > did implemented an additional security feature in it. The question > is: would it be possible to commit these changes ? > > The idea is to limit certain logins to be accessible from > certain hosts only. So I added a database that describes allowed > hosts, say /etc/userhost.conf, in format like: > > *:host1,host2,host3 > user1:host1,host4 > user2:* > > where * means `any user' or `any host'. Then added a function I don't like these solutions, though I'd be reluctant to say no to anything that is functioning code even if it isn't optimal. Ideally we should have a general authentication library that performs matching of credentials and credential types seeking services. Credentials are items such as tty, password authentication, various crypto- graphic authenticators and groups of equivalient credentials. Services are items such as finger, ftpd, shell, mail and grouping of services. This is about as good a generic authentication scheme as you can achive without resorting to mac esotrics. Julian A.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612031302.AAA07300>