Hi,

 

   Whatever you are getting is the wrong way. If a user is installing
STAF on his desktop and creating a trust level 5 on his machine then
that user will have the privileges of a level 5 trust on the local
machine. Having trust level 5 on local machine and wishes to access
remote machine and add his trust level on remote machine won't do. To do
so he needs to have required privileges on remote machine. 

 

 For example, if any user wants to run some command on other machine
first that user needs to have permissions on local machine as well as on
the remote machine. Having permission on local machine, he cannot run
the tasks on the remote machine until and unless the user is registered
and has privileges on remote machine.

 

Regards,

Sairam

 

-----Original Message-----
From: agou [mailto:a...@talktalk.net] 
Sent: Thursday, January 22, 2009 11:57 AM
To: Sharon Lucas
Cc: staf
Subject: Re: [staf-users] Trust?

 

Sharon, thank you for your patience with me - I'm sorry if I do go on 

and on about this. I find the subject very intriguing, although I don't 

anticipate any security problems on my network.

 

What I am thinking about is - a user can install staf on his own desktop


and then create a "false" authenticator of the same name as the real one


on the servers, which gives his username trust level 5. Wouldn't that 

give him level 5 access to the rest of the servers? Or are the 

credentials sent along with the requests and validated on the other 

servers? I know I am going to be asked this question, so I'd like to 

understand it.

 

/jan

 

Sharon Lucas wrote:

> No, you only given trust level 5 to those user ids that you want to
have 

> trust level 5.  You can only authenticate a user id if you know the 

> password (its credentials). 

> 

> Also, note that to perform user authentication across systems, the 

> authenticator must be registered as the same name on all machines
where 

> you want to use user trust authentication.

> 

 

 

------------------------------------------------------------------------
------

This SF.net email is sponsored by:

SourcForge Community

SourceForge wants to tell your story.

http://p.sf.net/sfu/sf-spreadtheword

_______________________________________________

staf-users mailing list

staf-users@lists.sourceforge.net

https://lists.sourceforge.net/lists/listinfo/staf-users

 

BEGIN:VCARD
VERSION:2.1
N:Sairam-B22305;Purandhar;;Mr.
FN:'Purandhar Sairam-B22305'
ORG:Freescale Semiconductor;UCM
TITLE:Software Engineer
TEL;WORK;VOICE:+914023358927 
TEL;HOME;VOICE:+914027243556 
TEL;CELL;VOICE:+919963333929 
ADR;WORK;ENCODING=QUOTED-PRINTABLE:;;Intoto Software (I) Pvt Ltd,=0D=0A4th floor, Uma Plaza, NagarjunaHills,Pun=
jagutta;Hyderabad;Andhra Pradesh;500082;India
LABEL;WORK;ENCODING=QUOTED-PRINTABLE:Intoto Software (I) Pvt Ltd,=0D=0A4th floor, Uma Plaza, NagarjunaHills,Punja=
gutta=0D=0AHyderabad, Andhra Pradesh 500082=0D=0AIndia
ADR;HOME:;;H.No. 24-138/8, Behind old Anandbagh Post Office, Anandbagh, Malkajgiri;Hyderabad;Andhra Pradesh;500047;India
LABEL;HOME;ENCODING=QUOTED-PRINTABLE:H.No. 24-138/8, Behind old Anandbagh Post Office, Anandbagh, Malkajgiri=0D=
=0AHyderabad, Andhra Pradesh 500047=0D=0AIndia
EMAIL;PREF;INTERNET:sairam...@freescale.com
REV:20081125T090756Z
END:VCARD
------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
staf-users mailing list
staf-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/staf-users

Reply via email to