Re: Two Classes Of Users

Edward S. Marshall (emarshal@common.net)
Sat, 17 May 1997 00:08:33 -0500 (CDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jon Lewis: "Re: Filter to block incoming ether0 telnet?"
Previous message: Sherwood Pekelo: "Re: COMOS 3.3.1- - need higher?"

On Fri, 16 May 1997, Pete Holsberg wrote:
> I will have two classes of users: one that is permitted to
> use PPP or shell account, and another that is restricted to
> shell account only (actually, their shell will be the
> "pine" email program). If necessary, the accounts for the
> latter could be on a different machine from those of the
> former.

This is completely unrelated to your question or Livingston products, but
I just thought I'd point out that if your purpose of giving your users a
shell of "pine" is intended to secure these users against full shell
access, you're in for a nasty surprise. It takes very little effort (you
only need to barely know what you're doing) to get directly to shell from
within Pine.

A nifty thought, however, would be to modify pine to chroot to the user's
home directory, and have their mail delivered to a mailbox in the home
directory (as with qmail, for instance). Can anyone see why that wouldn't
work, offhand? (ie. you could probably make it to some semblance of a
shell prompt, but you wouldn't be able to do much...)

--
.-----------------------------------------------------------------------------.
| Edward S. Marshall <emarshal@common.net> | CII Technical Administrator,     |
| http://www.common.net/~emarshal/         | Vice-President, Common Internet  |
| Finger for PGP public key.               | Inc, and Linux & LPmud (ab)user. |
`-----------------------------------------------------------------------------'

Next message: Jon Lewis: "Re: Filter to block incoming ether0 telnet?"
Previous message: Sherwood Pekelo: "Re: COMOS 3.3.1- - need higher?"