Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!rex!spool.mu.edu!news.cs.indiana.edu!ux1.cso.uiuc.edu!midway!clout!chinet!les
From: les@chinet.chi.il.us (Leslie Mikesell)
Newsgroups: comp.unix.programmer
Subject: Re: How to set up multi-user accounts?
Message-ID: <1991Jun20.193921.9768@chinet.chi.il.us>
Date: 20 Jun 91 19:39:21 GMT
References: <23182@shlump.lkg.dec.com> <5485@risky.Convergent.COM> <798@minya.UUCP>
Organization: Chinet - Chicago Public Access UNIX
Lines: 27

In article <798@minya.UUCP> jc@minya.UUCP (John Chambers) writes:
>So further research is necessary on how to kludge a multi-user account
>so that it works sensibly, without using super-user privileges. Does
>anyone have any clever ideas?

Personally, I think it's easier all around to just give everyone their
own account since the administrator has to deal with that for some users
anyway and everything more or less takes care of itself, including file
ownership and accounting mechanisms.

If I were concerned about security, I'd probably set up a chroot
environment that looked like a different machine and tweak the mailer to
deliver things addressed to that machine or subdomain to the right place.
Recent SysV's have some support in login(1) to make certain id's perform
a chroot and then run login again from there, so internally you could
have a different administrator to maintain the sub-password file. I'm not
sure if anyone actually uses this. It doesn't really give perfect
security since root in the sub-login can mknod() a device driver that
points to the real disks or kmem.

The sub-domain or different machine name would work as well without the
chroot, though, as long as the mailer will handle it. I've only worked
with Smail3, which could be configured to do it easily, or you could use
a prefix or suffix with a unique identifier and set up a delivery method
based on that.

Les Mikesell
  les@chinet.chi.il.us
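
The caveat in the post above (root inside the chroot can mknod() a device node that reaches the real disks or kmem) can be checked for from outside the jail. The following is an added example, not part of the original post: a Python walker that reports block and character device nodes under a jail root. The function names and the allowlist format are assumptions made for illustration.

```python
import os
import stat
import sys


def describe_node(path, mode, rdev):
    """Return a finding for a block/char device node, else None."""
    if stat.S_ISBLK(mode):
        kind = "block"
    elif stat.S_ISCHR(mode):
        kind = "char"
    else:
        return None
    return {"path": path, "kind": kind,
            "major": os.major(rdev), "minor": os.minor(rdev)}


def audit_jail(root, allowed=frozenset()):
    """List device nodes under root that are not on the allowlist.

    allowed holds (kind, major, minor) tuples (hypothetical format) for
    nodes the jail legitimately needs, such as a null device.
    """
    findings = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow a symlink out
            except OSError:
                continue  # entry vanished or unreadable; skip it
            hit = describe_node(path, st.st_mode, st.st_rdev)
            if hit and (hit["kind"], hit["major"], hit["minor"]) not in allowed:
                findings.append(hit)
    return findings


if __name__ == "__main__":
    # Usage: python audit_jail.py /path/to/jail   (path is the caller's)
    for hit in audit_jail(sys.argv[1] if len(sys.argv) > 1 else "."):
        print("{kind} device {major},{minor} at {path}".format(**hit))
```

Device numbers are system-specific, so the allowlist has to be built from the host's own nodes rather than copied from another machine.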