[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Getting usernames from a Novell server (ncp)

From: Troels Arvin <rhl www studmed ku dk>
To: pam-list redhat com
Subject: Re: Getting usernames from a Novell server (ncp)
Date: Thu, 25 Feb 1999 00:45:03 +0100

At 09:54 22-02-99 -0600, "Scott Nelson" <sbnelson@thermeon.com> wrote:
>> nwbpvalues -S NetwareServerName -U VeryPriviligedNetwareUserLogin
>> -o LOGINID -t 1 -p IDENTIFICATION -P PriviligedPassword

>Careful! The passwords would be visible to others simply by using the ps
>command!

Good point. I hadn't tought of that.

Note my follow-up letter of January 1:
A normal user can obtain the user names and full names. So there is no need
to use a supervisor account for this.

>I don't know these commands, but can you eliminate the passwords from the
>command line and pass them via standard input?
There are several solutions, as I see it.

One is:
As far as I remember, the nw* utilites will accept an environment variable
specifying password or a file where the password resides. See the relevant
man-pages for info.

An other is:
Maintain a constant connection (mount) to the Novell-server and use the
"-n" option in stead of sending a password.

Third:
Restrict access to the /proc directory. This would disable ps-like tools
for normal users. I don't know if this has bad consequences in other
situations?

Greetings from Troels Arvin, Copenhagen, Denmark
http://www.mdb.ku.dk/tarvin/

Follow-Ups:
- Re: Getting usernames from a Novell server (ncp)
  - From: wmperry@aventail.com (William M. Perry)

References:
- Re: Getting usernames from a Novell server (ncp)
  - From: "Scott Nelson" <sbnelson@thermeon.com>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index] []