PROBLEM WITH MKUSER - SECURITY
Bob Beaulieu
bobb at netcom.COM
Tue Apr 30 16:49:59 AEST 1991
I have a client that had a lot of users (80+) in the same group "group1"
and added '\' to allow entry of ALL of these users because of limits in
line lengths.
Each time he runs the mkuser program provides by sco, the program edits
the group file and adds:
::0:: name1, name2, name3, name4, name5, name6, ... name20
::0:: name21, name22, name23, ... namexx
All these users now have to do is type:
newgrp root
and just about everything is at the hands!
I have been able to verify this on other 386 2.3 sco boxes. The old
group file is renamed to "group-".
Any comments?????
bobb
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Bob Beaulieu |
| San Jose, CA. |
| (408) 723-0556 |
| bobb at netcom.com |
| {apple,amdahl,claris}!netcom!bobb |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
More information about the Comp.unix.xenix.sco
mailing list