[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]
Sven 'Darkman' Michels sven@darkman.de
Sun, 24 Apr 2005 11:30:15 -0700 (PDT)
ah...very true. a limited login isn't quote available with that bit of code there. if you can get them to run the console client on a host they should have full access to, then it wouldn't be bad (since the command is run on the client side).
Right, but for now i want to build something like a "end user console server", so the user normaly don't need/have access on the box, too.
but, i do understand your point, and i can see the need for a switch to be able to turn this off. for now, if you remove (or comment out or #if it away or whatever) the case statement on line 3620 of conserver/group.c (the '|' one), you'll disable the feature. the only other bit of diddying up you might want to do is also remove the reference on line 421 of conserver/client.c (the help message).
yeah, that was what i tought of (changeing the code ;) - maybe i will remove other things, too (like the switch of the console, cause we don't use authentication at this level anymore..) - may thanks for the codelines! :)
i'll make sure either a run-time or compile-time (or both) switch is put in for the next release to turn this off so things can be more secure.
What about a switch to disable a few features? so you can call console with -X or so and it won't provide such features then (but you would need a compile option, too, if someone is allowed to spec the console call itself..)
Thanks for your reply! With kind regards, Sven