Prevent uid sharing or hot to allow use uid only once

John Dennis jdennis at redhat.com
Fri Jun 5 18:16:03 CEST 2009


Sergio Belkin wrote:
> What I meant if that employee John pass his coworker Joe their
> credentials, both user and password, well that could not be so
> terrible. Now, let's suppose then that your company organize an event
> an come 100 people, they want to use wireless network, so John comes
> and has the "great" idea of passing their credentials to attendants,
> so you have more than 100 people using the same uid and password at
> once...

BTW, if I were administering the network and discovered anybody had
divulged their login information to anyone else, never mind 100 other
users I would consider that grounds for permanent revocation of all
privileges. In many organizations such a security lapse would lead to
immediate termination of employment. Think about it, if someone did what
you've proposed what purpose is authentication serving? You might as
well set up open anonymous access.

There are other ways of handling a collection of "guests", set up a
short duration guest account and publish that information, after the
event disable the account.

-- 
John Dennis <jdennis at redhat.com>

Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



More information about the Freeradius-Users mailing list