Subject: Re: [netatalk-admins] Feature Suggestion: AFP/TCP running as user, not root
From: Mark Donnelly (mark@coe.missouri.edu)
Date: Thu Nov 13 1997 - 19:09:24 EST
<snip!>
>Under this scheme, a
>single (non-root) user could start the specially-configured afpd running on
>a high port number, and log in and access the server with the priviledges
>that their account on the server already has. In other words, the
>authentcation mechansim would not change the UID, but rather allow a single
>account (that of the user running afpd) access to the server.
<snip! again>
>-Eugene
Well, I, for one, see at least one problem with this. As far as I can tell,
there is only one port that a Macintosh client will try to connect to. So,
again under this scheme, only one person would be allowed to use this at a time.
That would be fairly rood if anyone else would like to try the same thing.
It sounds like the BEST solution will be to have the system administrators run
the daemon. However, if that isn't a possibility, I definately see some merit
in your approach.
--Mark
"I think so Brain, but if they called them sad meals, then
no one would buy them."
This archive was generated by hypermail 2b28 : Sat Dec 18 1999 - 16:28:04 EST