next message in archive
next message in thread
previous message in archive
previous message in thread
Index of Subjects
[2] Public Download Area (PDA) - Macintosh Admini
A follow-up to the previous message.
___
/| / / / Neale Partington
/ | / /__/ President, Great Plains Free-Net Inc.,
/ |/ / Regina, Sk., Canada Neale@gpfn.sk.ca
GPFN OFFICE (voice): 306-569-8554 MODEM POOL: 306-569-8555
Members get access to express lines as well.
---------- Forwarded message ----------
Date: Fri, 13 Dec 1996 11:02:07 -0600 (CST)
From: Michael Lee <mlee@GPFN1.GPFN.SK.CA>
To: Robert Greenfield <rhg@GPFN1.GPFN.SK.CA>
Cc: Gordon Fisch <gfisch@GPFN1.GPFN.SK.CA>,
Russell Hauser <russ@rpl.regina.sk.ca>,
Daryle Niedermayer <daryle@gpfn.sk.ca>,
Neale Partington <neale@gpfn.sk.ca>
Subject: Re: ** CONFIDENTIAL **
On Fri, 13 Dec 1996, Robert Greenfield wrote:
> Our logging system is able to tell us which commands were executed by
> which user, when, but I am at a loss to get this info. Richard H*? is the
> source of that info.
>
> I did poke into ~aa075 as root and I can confirm what Micheal says. Here
> are some recently modified documents:
>
> something called '.installdirs.html'
>
> <title>Installation Directory Selection</title>
> <h1>Choose a destination directory</h1>
>
> something called 'csh.html'
>
> <p>
> <ol>
> <LI>Goto csh
>
> This seems to be the recipe that Michael presented. Michael, can you test
> this one from your aaNNN account?
>
Yes, that is the same command I used to get into the shell. My original
thought was that he didn't actually get into the shell but just used to
same lynxexec commands to activate talk and other unix calls, but now
with that link in his pages we are now sure he has been going into the shell.
> In addition to making the restriction tha Michael suggests we should 1)
> review our policies and 2) talk with this user. If the discussion with the
> user develops well, then perhaps the interest, energy and knowledge of
> this person could be channeled into more constructive avenues, Bob
I'm sure speaking to this individual should be done soon. I do believe
he is breaking a policy as it is, but I don't which one specifically as I
don't have the policies on file.
---
Another suggestion for now could be to not let csuite users see beyond
their home directories. What I mean is when you go files, the first
highlight is a ../ link on your page. Get the lynxdired to not have that
link at all unless they are withing a subdirectory in their own
directories. SFN used to have a ../, and one can then go back and view
all the directories a system has, yesterday I went to my files and
noticed that they no longer have a ../ (back directory) in my home files
directory.
Now, this won't be of much help to unix pros since they are pretty much
aware of the dir structure (ie. /usr/bin). But for someone who doesn't
know, not letting them know the directory structures of our system is a
great help - afterall I did have to consult my unix shell account for
some help when I tried "breaking the system".
Later.
---
Michael Lee - mlee@gpfn.sk.ca
[1] Information Provider (BBS List)... since Aug. '95
http://www.gpfn.sk.ca/inet/bbslist/index.html
[2] Public Download Area (PDA) - Macintosh Administrator/Support
Great Plains Free-Net - Regina, Saskatchewan, Canada
next message in archive
next message in thread
previous message in archive
previous message in thread
Index of Subjects