Cover V02, I02
Article
Figure 1
Figure 10
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6
Figure 7
Figure 8
Figure 9
Listing 1
Listing 2
Listing 3
Listing 4
Table 1
Table 2
Table 3
Table 4

mar93.tar

Figure 7: Permissions entry examples

#
# For ANONYMOUS LOGINS
#
LOGNAME=nuucp

Any machine which calls in and logs in using the login name nuucp will
use this entry, which will set the default values into action.

#
# For dealing with wabbit - AT&T 7300
#
LOGNAME=wabbit  \
MACHINE=wabbit  \
REQUEST=yes             \
SENDFILES=yes   \
READ=/                  \
NOREAD=/etc             \
WRITE=/tmp:/usr/tmp:/usr/spool/uucppublic       \
COMMANDS=ALL

This entry is used when "wabbit" logs in to us, or when we call wabbit.  In
both cases, the permissions are very liberal.  As I manage both machines, I
don't have a problem with this.  Notice that even though wabbit can read
files from any directory, access to /etc/ has been explicitly blocked
off, thus preventing the retrieval of the password file.


 

© 2003 CMP Media LLC. All Rights Reserved.
www.sysadminmag.com