Mailinglist Archive: opensuse-security (320 mails)

< Previous Next >
Re: [suse-security] .rhost everybody access
  • From: Peter Wiersig <wiersig-ml@xxxxxxxxxxxxx>
  • Date: Thu, 8 May 2003 18:58:01 +0200
  • Message-id: <20030508165801.GB26299@xxxxxxxxxxxxx>
Rolf Krahl wrote:
> On Thu, 8 May 2003, Joao Reis wrote:
>
> > The purpose of given permission to everybody is because there is
> > an account which is used by everybody in my company.
> >
> > This is a project account and my company only has 5 users.
>
> Then i still don't see why you don't simply set up some unix group
> for the project and create the project directories with write
> permission for the group. That's exactly what unix groups are
> invented for.

Don't forget to sgid the project directory, so that new
subdirectories are also owned by <prj-group> and group-writeable.

> If you still want the common account, then i'd recommend to follow
> the proposal of Markus to distribute the private key to ssh to
> that account among the project members.

Nope, the users need to import their id<something>.pub to
"/home/<targetaccount>/.ssh/authorized_keys.

A private key should be just that: Private.

Peter

< Previous Next >