Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: uid of an account which accesses ftp/http
Operating Systems Linux uid of an account which accesses ftp/http Post 302517037 by Corona688 on Tuesday 26th of April 2011 12:27:27 AM
Old 04-26-2011
If this is homework, you should post in the homework section.

But it's a bad and vague question.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Firewall - 2 Internet accesses - routing rules from source

Hello, I would like to modify my firewall configuration for being able to handle 2 internet connections in my Red zone. I would then like to configure some selecting routing rules depending on the internal source. Actual configuration: ===================== 1 router A (ISP)... (1 Reply)
Discussion started by: el70
1 Replies

2. UNIX for Advanced & Expert Users

how to know how many user's connected to ftp and http server

i need to write a program to know how many users are presently connected to my ftp server and http server . i need to keep a count of this and this count should be available to other different software . how to make this GLOBAL so that other softwares can access this count value (7 Replies)
Discussion started by: hariprasad
7 Replies

3. Cybersecurity

List of HTTP/FTP-clients on a server

The other day, a friend of mine had his Linux webserver compromised because he was running a vulnerable PHP-script. The "hacker" had used a malformed URL to include a wget-command to fetch some stuff off the net and install it in /dev/shm where it ran undetected. Fortunately, the webserver ran as a... (2 Replies)
Discussion started by: indo1144
2 Replies

4. UNIX for Dummies Questions & Answers

Protect Account UID = 0

Hello, Can someone give me some recommendations on how to protect this account? I understand that this account is an "operator" account and has root access. Thanks in advance (5 Replies)
Discussion started by: susie2345
5 Replies

5. Solaris

ftp account locking

I need some help trying to figure out why our ftp account keeps getting locked with no manual intervention. We have end of day processes that run nightly and the last thing it does is ftp files to a server. Everyonce in a while the script fails because the account has been locked. How could this... (5 Replies)
Discussion started by: morgadoa
5 Replies

6. HP-UX

umask for an ftp account

Hi, I have an ftp account which is used for transferring files to a UNIX box. eventhough the permissions on the source box for the files are 777, when it reaches the destination node via this ftp transfer the permissions is getting changed to -rw-r----- can someone please help me? umask... (3 Replies)
Discussion started by: vivek_damodaran
3 Replies

7. UNIX for Dummies Questions & Answers

Setting up FTP account

Hi, I am new to the workd of FTP administration. I was asked to make an account on our FTP server so that someone can only download and upload to his home directory. The account is made but what settings/cconfiguration can I verify to ensure that the user has access to his home directory only?... (1 Reply)
Discussion started by: mojoman
1 Replies

8. Red Hat

networking problems with ftp,telnet, ssh, http

I have following problems with RHEL 5.2 Desktop installation ftp, telnet, ssh and web are not working. Web browser tries to connect to host but eventually fail with timeout. ftp, telnet and ssh simply hung, nothing happens. Basically all protocols will end up in timeout. ping, nslookup and... (2 Replies)
Discussion started by: Kainu
2 Replies

9. Shell Programming and Scripting

How to download X bytes from a file using ftp or http?

Hi, I have a simple ftp shell script which can download the entire file, however I want to know if there is anyway that I can download only the partial content, say X bytes from a file. If so, how I can do it using ftp and http.. Here is my sample script #!/bin/sh HOST='xyz.com' ... (5 Replies)
Discussion started by: learn more
5 Replies

10. Solaris

New root account with Different UID number

Hi Unix Gurus . I have requirement where in which - I would like create duplicate root equivalent account with all the privileges equal to root. Is it possible to create this duplicate account with different UID. ? this id i would like give it to my teams - who does multiple activities using... (2 Replies)
Discussion started by: johnavery50
2 Replies

LEARN ABOUT XFREE86

krb5_auth_rules

krb5_auth_rules(5)					Standards, Environments, and Macros					krb5_auth_rules(5)

NAME

       krb5_auth_rules - Overview of Kerberos V5 authorization

DESCRIPTION

       When  a	user  uses  kerberized	versions of the ftp, rdist, rcp, rlogin, rsh, or telnet clients to connect to a server, even if the user's
       claimed Kerberos V5 identity is authenticated, the user is not necessarily authorized. Authentication merely proves that the user  is  "who
       he says he is" to the Kerberos V5 authentication system. Authorization also needs to be done, since it determines if that Kerberos identity
       is permitted to access the Solaris user account that the client wants to access.

       Each user may have a private authorization list in a file ~/.k5login in his login directory (on the server). Each line in this file  should
       contain	a  Kerberos  principal name of the form principal/instance@realm. If the server finds a ~/.k5login file, then access is granted to
       the account if and only if the originating user is authenticated to one of the principals named in the ~/.k5login file.

       If there is no ~/.k5login file, the originating user will then be checked against the gsscred table (see gsscred(1M)).  If the  originating
       user's  Kerberos  V5  identity  is  in  the gsscred table, and if the UNIX user id in the gsscred table corresponds to the user account the
       client is trying access, then the originating user is granted access to the account on the server. If the UNIX user id does not match, then
       the originating user is denied access.

       For  example, suppose the originating user has a principal name of jdb@ENG.ACME.COM and the target account is jdb-user. If jdb@ENG.ACME.COM
       appears in the gsscred table with uid 23154 and if jdb-user appears in the user account database  (see  passwd(4))  with  uid  23154,  then
       access to account jdb-user is granted.  Of course, normally, the target account name in this example would be jdb and not jdb-user.

       Finally,  if there is no ~/.k5login file and if the originating user's Kerberos V5 identity is not in the gsscred table, then the user will
       be granted access to the account if and only if all of the following are true:

	 o  The user part of the authenticated principal name is the same as the target account name specified by the client.

	 o  The realm part of the client and server are the same.

	 o  The target account name exists on the server.

       For example, if the originating user has a principal name of jdb@ENG.ACME.COM and if the server is in realm SALES.ACME.COM,  then  even	if
       jdb  is	a  valid account name on the server, the client would be denied access. This is because the realms SALES.ACME.COM and ENG.ACME.COM
       differ.

FILES

       ~/.k5login      Per user-account authorization file.

       /etc/passwd     System account file. This information may also be in a directory service. See passwd(4).

ATTRIBUTES

       See attributes(5) for a description of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       ftp(1), rcp(1), rdist(1), rlogin(1), rsh(1), telnet(1), gsscred(1M), passwd(4), attributes(5), gss_auth_rules(5)

NOTES

       To avoid security problems, the ~/.k5login file must be owned by the remote user.

SunOS 5.10							    13 Apr 2004 						krb5_auth_rules(5)
All times are GMT -4. The time now is 01:55 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy