HylaFAX The world's
most advanced open source fax server
|
|
[
Date Prev][
Date Next][
Thread Prev][
Thread Next]
[
Date Index]
[
Thread Index]
Re: linux: port 4559 + Hylafax doc.
Ralf Hoeller wrote:
i would like to say something about my "workaround"
because of Matthias Apitz's and Jonathan Chen's mails:
i see your problems (aaarrrrrggggghhhhh!!!!!) when somebody is
talkin about copying the passwordfile to another place and changes
the permissions, but ....
first of all it is much easier for "unauthorized people" to have a look
inside /etc/passwd than /var/spool/fax/hosts, because passwd has to be mode 644,
hosts have to be mode 600.
The file /etc/passwd must have 0644 permissions because there are
a lot of unpriviledged commands (like ls(1)) wanting to convert
a numeric uid/gid to teh name of the user. The problem of this
is the possibility of pw-cracking if the pw is also stored in
the /etc/passwd. Most modern UNIX'es hide the pw in an additional
file (like /etc/shadow) which has 0600 or 0400 setting.
The HylaFAX's spool/etc/hosts file is only read by priviledged
processes and can (must for security reasons) have 0600 mode.
next thing is that hosts has the same syntax as passwd and normally it contains
the same persons that you would like to allow using the fax.
Saying that host(4F) of HylaFAX and passwd(4F) of the system have
the same syntax means: you didn't read both man pages carefully.
The syntax of passwd(4F) on my SVR4.2 is:
login_name:password:uid:gid:comment:home_dir:login_shell
The syntax of hosts(4F) of HylaFAX is
client:uid:passwd:adminwd
I can't see the same syntax.
so if you remove the "unpersons" like daemons from your copy you have the same
what you need as hosts file.
Defintely wrong and dangerous, sorry.
and -- last but not least -- everything works fine now (but there are some
messages left: FaxQueuer[172]: No regular expression for modem class
and during boottime:
FIFO.ttyS3 cannot open no such file or device (something like that))
With this message I don't see how everything works fine for you.
but all this shows -- and i would like to point it out -- that Gabriel
Fernandez (in his mail: Hylafax-documentation) is absolutely right if he says
there is a need for a installation guide for linux-systems.
i was was never getting into this kind of trouble when i was installing flexfax
on my indy.
May be that there is a need of more documentation or installation
guide(s) for Linux. I'm not using Linux and can't answer this
question. I wrote a installation guide for SVR4.x to make
it easy to follow the steps through the system and to give
pointers to additional information or man pages.
I can clearly say is that I've never seen
a system with so much (and good) documentation as HylaFAX.
And I mostly see folks asking questions which they wouldn't
ask if they have read and understand the man pages and the
FAQ before.
matthias