From owner-freebsd-isp Wed Aug 7 08:10:11 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA03662 for isp-outgoing; Wed, 7 Aug 1996 08:10:11 -0700 (PDT) Received: from katan.pomona.edu (katan.pomona.edu [134.173.78.13]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id IAA03648 for ; Wed, 7 Aug 1996 08:10:07 -0700 (PDT) Received: (from john@localhost) by katan.pomona.edu (8.6.12/8.6.12) id IAA16531; Wed, 7 Aug 1996 08:10:21 -0700 Date: Wed, 7 Aug 1996 08:10:20 -0700 (PDT) From: john To: Peter Hawkins cc: freebsd-isp@FreeBSD.ORG Subject: Re: Trial accounts In-Reply-To: <199608070010.KAA01174@rhiannon.clari.net.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Wed, 7 Aug 1996, Peter Hawkins wrote: > I'd like to gather some feelings about providing (perhaps restricted) "trial" > 1. security > 2. The potential for someone to dial in under that name indefinitely. > > However I don't want to lose custom :) so if there are ways of > addressing 1. and 2. I'd like to hear them. > > Peter --- well, from my experience i've seen two easy ways of extending acct use. 1. a file under the name of "TERMSET*" was placed in a trial home directory which altered the time counter and the user was allowed to use the acct indefinitely. i'm not sure exactly what TERMSET* was altering, but it worked 2. after a trial period, even though the acct had expired, ftp was still open. so someone was able to ftp a new .login file and consequently dialin indefinitely. both methods aren't real security holes, simple settings changes would do the trick. it's more of a reflection on the sysadmins. they were either too busy, too lazy or too stupid to take care of it. hope everything works out well for you l8r