LinuxSA Mailing list archives

  From: Alan Kennington <akenning@dog.topology.org>
  To  : LinuxSA <linuxsa@linuxsa.org.au>
  Date: Tue, 23 Mar 1999 13:21:44 +1030

linux login restrictions faulty?

Questions:
1.	Is the /etc/usertty stuff for "login" really supposed to work.
2.	How else do you get an account to be ftp access only?

I'm using redhat 5.2 on a 486.

I've just followed all the instructions in "man login" to
fill out the file /etc/usertty to restrict some users
to not be able to log in except from certain IP addresses.

Here's a representative example.

CLASSES
topology        @203.38.148.48/255.255.255.240
USERS
user1		@203.38.148.49/255.255.255.255

According to the manual, this should force user1 to
log in from the specified address. But it is possible
to log in from other address.
(Ignore the classes specification -- that's what I will
user later when this all works.)

Have I made a mistake, or is the login spec not working?

On question 2,
can anyone tell me what the usual way of blocking a user from
using anything but FTP is?
This is so that people can upload files but not roam
around and copy password files etc.

Cheers,
Alan Kennington.

PS. I had another attack yesterday -- from the Netherlands this time.
http://www.topology.org/attacks/euronet1.html

-- 
Check out the LinuxSA web pages at http://www.linuxsa.org.au/
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject