Newsgroups: comp.sys.mac.comm
Path: utzoo!utgpu!watserv1!psych
From: psych@watserv1.waterloo.edu (R. Crispin - Psychology)
Subject: Re: TelNet File Protection???
Message-ID: <1991Apr23.134833.4112@watserv1.waterloo.edu>
Organization: University of Waterloo
References: <803.280d8689@zodiac.rutgers.edu> <6234@crystal.UUCP> <1991Apr23.072617.7975@eik.ii.uib.no>
Date: Tue, 23 Apr 1991 13:48:33 GMT
Lines: 30

In article <1991Apr23.072617.7975@eik.ii.uib.no> sigurd@ii.uib.no (Sigurd Meldal) writes:
>In article <6234@crystal.UUCP> derosa@motcid.UUCP (John DeRosa) writes:
>>garrison@zodiac.rutgers.edu writes:
>>
>>>I've seen several posts refering to the security risks of telnet (in that if
>>>telnet is open, anyone can ftp over to your system and copy to their hearts
>>>content). Is it possible to, say, set the protection on certain applications
>>>and files so that they will be inaccessable to anyone logging into your 
>>>system (or, better yet, invisible)?  (But remain useable and visible to 
>>>people actually using the Mac). This would enable us to just leave telNet
>>>open under multifinder. 
>>
>>There are two distinct ways to prevent prying eyes.  The first one will work
>>while the second way is better (IMHO).
>...
>>2) In your config.tel, add the line passfile="ftppass".  This tells
   Stuff Deleted
>
>I have only one quibble with this one. Since the ftppass file is in a
   Stuff Deleted
 
The problem with any method that relies on the values in the passfile is it
eliminates people being able to do an Anonymous FTP to the machine. I would
like to allow this but restrict the access to only a single volume or directory
and its sub-directories.     

Richard Crispin              Phone:    (519)888-4781
Dept. of Psychology          EMail:    psych@watdcs.uwaterloo.ca 
University of Waterloo                 psych@watserv1.uwaterloo.ca 
Waterloo, Ont.   Canada   N2L 3G1