On Fri, 18 Apr 2008 13:46:48 -0500 Paul Schmehl <[EMAIL PROTECTED]> wrote:
> Let me clarify. When I use the term "host", I'm referring to what > many would call a "personal workstation" or "personal computer". If > you have more than one person who has shell access to a computer, > then you no longer have a host. You have a server. Sure, you may not > think of it that way, but that's what it is. > > Servers are a completely different ballgame, and the decisions you > make regarding protecting them have everything to do with who has > access to what. The servers that I referenced in my post have one > person with root access - me > - and one user - the owners. No one else has access. So, it's a > great deal easier for me to lock down the boxes than it is, for > example, here at work, where *many* people have shell access and more > than one have root access through sudo or even su. Sorry for bikeshedding here, since it's just a matter of terminology, but... "Hosts" used to be multi-user machines for a long time, and actually still are. Most RFCs, including newer ones, refer to "hosts" and mean "nodes" on the net. They don't care whether the hosts are workstations used by a single or few user(s), or big multi-user machines with hundreds of shell accounts. "Server" is merely the role a program assumes when it waits passively for requests from "clients". "Servers" run on "hosts", regardless of the number of users on those hosts (ranging from 0 to very high). Obviously, the security implications vary considerably if you have to host many user accounts, esp. on hosts used by mission critical server programs. ;) And of course, the bikeshed has to be painted... red! :) Regards, -cpghost. -- Cordula's Web. http://www.cordula.ws/ _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"