Re: Removing guest acess

Subject: Re: Removing guest acess
From: Paul Krohn (krohn@well.com)
Date: Fri Aug 04 2000 - 21:43:51 EDT

• Next message: Steve Freitas: "Permissions question (No Netatalk content)"
• Previous message: Aaron Levitt: "Re: FAQ PARTICIPATION REQUEST"
• Maybe in reply to: Mike DeCoster: "Removing guest acess"
• Maybe reply: Paul Krohn: "Re: Removing guest acess"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Mike DeCoster said:

>Hello, I was wondering how I could remove the guest account from
>appletalk. I don't want to have a gust account that can read everything
>on the system. I was just informed that the guest account could read
>anything on the system. Thank you for your help.
>
>Mike
>
>
ok, a little clarification: the guest account, when perfectly set up, can
read:

-- anything owned by the guest user (usually mapped to nobody, but that's
another issue)
-- anything that is world readable

both provided, of course, that guest can even log in, which is easy to
prevent with "-noguest" added to your server config line in afpd.conf in
older versions of netatalk, or by not having uams_guest.so in your
-uamlist argument in newser versions of netatalk (ie current asun "pre"
versions).

come to think of it, that's documented right in the distributed afpd.conf
file ...

Paul Krohn
551 Sixth Avenue #C
San Francisco, CA 94118
415-668-4756
krohn@well.com

• Next message: Steve Freitas: "Permissions question (No Netatalk content)"
• Previous message: Aaron Levitt: "Re: FAQ PARTICIPATION REQUEST"
• Maybe in reply to: Mike DeCoster: "Removing guest acess"
• Maybe reply: Paul Krohn: "Re: Removing guest acess"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b28 : Wed Jan 17 2001 - 14:31:51 EST