Re: NO multiple logins !! Livingston won't listen

Ing. Felipe Tribaldos (felipe@avatar.pty.com)
Mon, 24 Jun 1996 16:40:38 +0500 (GMT)

Owen DeLong said:
>
> > Lo and behold, Ing. Felipe Tribaldos once said:
> > > Hi;
> > >
> > > We need a way to prevent multiple logins. I have not wanted to stray from the
> > > Livingston Distribution of RADIUS, but my patience has a limit.
> > >
> > > Why won't Livingston listen to the overwhelming demand for this feature? :-(
> > > I have wanted to stay with LE's stock distribution for the support issue,
> > > however my patience has a limit. We have been using PM's (we have 4 now), for over
> > > six months, now and have wanted this feature since day one.
> > >
> > > I know I know that you can hack the source to do this, but its only been
> > > requested 7 million times on this list alone.
>
>
> Let's put this in a slightly broader perspective:
>
> 1. Livingston does not have an infinite budget.
> 2. Quality Software Engineers are NOT in infinite supply.
> 3. The percentage of portmasters deployed for shell access type
> services is probably less than 10.

We don't offer shell access. All we have are ppp accounts, an have some
abusers that log in more than once.

> 4. This problem doesn't really apply to network access as it
> does to shell access.

I beg to differ, it does apply to network access.

> 5. One customer with four PortMasters is not overwhelming demand.
> Sure, there are a few other people asking for this, but the
> vast majority of Livingston's customers don't consider this
> important.

Ask around, a lot of PM-Users would like to see this included in RADIUS.

> 6. The multiple login problem is not a problem which can be solved
> on the PortMaster itself.
> 7. RADIUS is a NON-REVENUE product for Livingston. That's right,
> it's FREEWARE!
> 8. NO terminal server solves this problem (NO other terminal
> server comes as close to solving this problem as Livingston).
> 9. If you're running UNIX, the place to solve this is by
> creating a replacement for the distributed quota(1M)
> program called by login. This can easily be done on SVr4
> as follows:
>
> 1. Write a simple program (even a shell script will
> work) which:
>
> Checks for user already logged in
> If (user already logged in)
> {
> Inflict pain here
> }
> exec(/usr/sbin/quota.real)
>
>
> 2. mv /usr/sbin/quota /usr/sbin/quota.real
> 3. mv <program from step 1> /usr/sbin/quota
>
> Remember, quota is an SUID program. The program you write
> should not need SUID priveleges.
>
> This means that:
> 1. You haven't modified anyones code.
> 2. You still have full support available
> 3. You can go back to the way things were by:
> mv /usr/sbin/quota.real /usr/sbin/quota

We don't have shell accounts, so this doesn't apply to us, but may help other
folks....

> 10. There are many other features which Livingston Engineering
> is focused on which are much more important to a much
> larger percentage of their customers.
>
> Overwhelming demand is, IMHO, defined as "A very large percentage of
> Livingston's customers want this so badly that it stands to significantly
> impact Livingston's sales if we do not deliver it. In fact, so
> substantially that it is in Livingston's best interest to discontinue
> efforts on other projects in order to staff a solution to this particular
> issue."

I does affect at least our usability of the PM's since abusers are able
to share accounts. Static IP's are a solution, but we a finite number
of IP's to allocate.

> Your problem does not fall into this definition of overwhelming demand.
> OSPF does. PRI does.
>
> I have features I'd like to see in the portmaster as well (secondary
> IP addresses on interfaces, for example) that aren't there too. However,

This would be nice too.

> I suspect the demand is less than overwhelming, so I don't scream too
> loud about it.
>
> Owen

-- 
 ___________________________________________________________________________
| Ing. Felipe Tribaldos                                                     |
| Gerente de Operaciones / Operations Manager   Tel. +(507)269-3571/223-5111|
| CyberMedia Panama                             Fax. +(507)264-6082         |
| Internet Access - Web Publishing              Res. +(507)269-7330         |
| url: http://www.pty.com/                      email: felipe@pty.com       |
| __________________________________________________________________________|