[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] Re: cobalt-security digest, Vol 1 #797 - 1 msg
- Subject: [cobalt-security] Re: cobalt-security digest, Vol 1 #797 - 1 msg
- From: "A2ZUniforms.com" <sales@xxxxxxxxxxxxxxx>
- Date: Tue, 11 Jun 2002 07:26:42 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
1. Telnet/SSH simple user permissions (Dave Anders)
I just had the same problem. I can SSH in as admin but a user can not SSH
in unless you turn on telnet (which I know is redflagged on many posts) but
I did it anyway so he could log in. Then when I logged in with his username
I was horrified to see that his username had all the same privileges as
admin! So I quickly turned the telnet off for that site to disable it. It
seems that you should be able to give a user SSH privileges to their own
site (particularly if they are the site administrator) without giving them
access to the whole server.