Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Re[2]: How do I get invisible character input?

1 view
Skip to first unread message

julag%...@tacom-emh1.army.mil

unread,
Sep 27, 1993, 2:03:19 PM9/27/93
to

Received: from tacom-emh165.army.mil by cc:Mail (1.30/SMTPLink)
From il...@rmy.emory.edu Wed 05 Aug 1992 23:07
X-Envelope-To: ju...@tacom-emh165.army.mil
Return-Path: <il...@rmy.emory.edu>
Received: from tacom-emh1.army.mil ([192.82.113.1]) by tacom-emh165.army.mil (SM
Received: from rmy.rmy.emory.edu by tacom-emh1.army.mil (5.65b/27-kbp)
id AA19772; Wed, 5 Aug 92 22:57:11 -0400
Received: by
rmy.rmy.emory.edu (5.65/Emory_rmy.3.3.7) via MAILPROG
id AA01037 ; Wed, 5 Aug 92 22:58:26 -0400
Return-Path: il...@rmy.emory.edu
From: hu...@nezsdc.icl.co.nz (Hugh Grierson)
Message-Id: <1992Aug5.0...@nezsdc.icl.co.nz>
Subject: Re: How do I get invisible character input?
Date: 5 Aug 92 00:26:16 GMT
Reply-To: hu...@nezsdc.icl.co.nz (Hugh Grierson)
Organization: Fujitsu New Zealand
Sender: informix-...@rmy.emory.edu
To: inform...@rmy.emory.edu
X-Informix-List-Id: <news.1626>

In article <i...@byu.edu> eck...@sirius.byu.edu (Sean Eckton) writes:
>> Your problem is in having the users share the same login. This is a very
>> bad idea; if you stick with it then I suspect that your problems have
>> just begun. Would you care to elucidate the reasons for this decision?
..
>Ok, I'll explain. I am writing a system to allow representatives of all the
>departments here on campus to register hosts for nameservice. What they will
>do is telnet to the host, login with a standard user name and password which
>all of the representatives will have, then be able to add information about
>computers on campus. Each representative has a range of IP numbers assigned
>to him that he/she can assign at will. I want to descriminate between users
>at the informix level, not the unix level. I can do this, but I need a way
>for them to login using informix under the same unix account. If I added
>accounts for each representative, our account list would increase by 80+.
>They won't be using it often enough to warrant that many accounts. Some may
>use it once a month or less. Does this clear it up? Why do you say I will
>have problems? I am open for any suggestions.

Hmm, it -may- be ok to share unix logins like this in this case. The sort
of thing I was more concerned about is when an admin says "oh, lets have all
of our payroll clerks use the same logname to make things easier..."

I still have misgivings about the idea though. Wouldn't it be easier to
just add those 80 accounts than to jump through hoops building password
authentication into your application? There really is little overhead
in adding that number of accounts.

Remember, the password mechanism is Unix's only real defense against attack.
A well-known logname/password is a security risk no matter how bullet proof
you think the application might be. Also, "who" works if they have unique
lognames. Just my 2c.

--
Hugh Grierson Fujitsu/ICL New Zealand - Software Development Centre
hu...@nezsdc.icl.co.nz Speaking for myself only. See figure 1.
*******************************************************************************
Hugh/Sean,

Something I tried with success some time ago--- I had a SINGLE database which
was used by a GROUP of 5 people or so. INFORMIX seemed to LOCK out another user
if one was currently using the database.

My solution-- I had all in the GROUP chmod to 777 on their DIRECTORIES and
went in to each and created a SUBDIRECTORY just for that DATABASE. I then
established a LINK (ln command) with my DATABASE to the SUBDIRECTORY of the
other users. Also did a chgrp so all users were the same.

Then their directories were RESET back to 700. Each member of the GROUP still
had WRITE ability to UPDATE the database even though INDIVIDUAL directories
were CUT OFF.

This worked and their was NO CORRUPTION of data.

Glen Patrick Jula
US ARMY TACOM
julag%ccm...@tacom-emh1.army.mil

Jack Parker

unread,
Sep 27, 1993, 5:23:12 PM9/27/93
to

Why not put a .rhosts file out there for each of the people logging in?
That way the account is still protected to some degree by the protection
of the admin's account whereever (s)he is. It still ain't great.

cheers
j.

_____________________________________________________________________________
Jack Parker |
Hewlett Packard, BSMC Boise, Idaho, USA| Your .sig has expired, please enter
jpa...@hpbs2561.boi.hp.com | a new one.
(208) 396-5388 (W) (208) 384-1623 (H) |
_____________________________________________________________________________
Any opinions expressed herein are my own and not those of my employers.
_____________________________________________________________________________

0 new messages