On Tue, Sep 26, 2006 at 04:04:46AM -0700, Frank Niedermann wrote: > > > What intrusive changes are you talking about? I don't want to open a > security hole on a server on the internet ... >
I forget the exact changes I had to make. However, the one which sticks out in my mind is that I had to add the www-data user to the utmp group. All the details are here: http://anyterm.org/1.1/config.html Basically, this can be a problem if you have both local users with console or ssh access and users accessing anyterm. In my case, I am really the only user with shell access on the particular server running anyterm, so I am not overly concerned. I also have it running over https (it would be stupid not to) and the directory is protected by apache's authentication. Otherwise, it would not be much different than allowing any random user unattended access to your system's real login console. There also a tool called anygetty (part of anyterm) which you must use in conjunction. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature
