This actually seems like more of a RADIUS issue than a
Portmaster-specific thing, but here it is anyway:
We use Livingston's radiusd v1.16 here, running on a linux machine. We
have a DEFAULT entry of CSLIP and Password = "UNIX". We offer a service
type whereby one may purchase an account that has one login name
available, but several POP boxes under that one login name. They are not
supposed to be able to login under the mailbox name, but must login under
the "master account" name, and then use a separate mail config to read
their personal email. For ease of user/password maintenance, the POP
server is the same machine as the radius server; all user accounts are
kept on the same machine.
We have noticed that *anyone* with an account on that machine can dial and
login and be set up with the DEFAULT settings from the radius users file,
even if that user is *not* in the users file. **This includes root***
Is there a workaround for this that anyone knows about? If not, does
merit's radiusd behave the same way? Everyone try to dial and login as
root (not !root) with the root password of the radius server, and see what
happens.
Chris Woods Senior System Administrator USAinternet, Inc.
GCS/CM/IT d- s++:+ a- C++++$ ULS++++$ P+++$>++++ L++++$ E W$ N+ !o
K++ !w--- !O !M-- !V-- PS+? !PE !Y+>++ PGP+ t+@ !5 X !R tv? b+ DI++
D+@ G++ e h---- r+++ y++++
cjwoods@usa1.net http://www.usa1.com 508-774-4700