[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Getting usernames from a Novell server (ncp)



At 09:54 22-02-99 -0600, "Scott Nelson" <sbnelson@thermeon.com> wrote:
>> nwbpvalues -S NetwareServerName -U VeryPriviligedNetwareUserLogin
>> -o LOGINID -t 1 -p IDENTIFICATION -P PriviligedPassword

>Careful! The passwords would be visible to others simply by using the ps
>command!

Good point. I hadn't tought of that.

Note my follow-up letter of January 1:
A normal user can obtain the user names and full names. So there is no need
to use a supervisor account for this.

>I don't know these commands, but can you eliminate the passwords from the
>command line and pass them via standard input?
There are several solutions, as I see it.

One is:
As far as I remember, the nw* utilites will accept an environment variable
specifying password or a file where the password resides. See the relevant
man-pages for info.

An other is:
Maintain a constant connection (mount) to the Novell-server and use the
"-n" option in stead of sending a password.

Third:
Restrict access to the /proc directory. This would disable ps-like tools
for normal users. I don't know if this has bad consequences in other
situations?


Greetings from Troels Arvin, Copenhagen, Denmark
http://www.mdb.ku.dk/tarvin/



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []