>From: Valdis.Kletnieksat_private >... >Well, here's an oldie but goodie, which we first saw at least 3 years >ago. Lo and behold, it's apparently STILL broken. Sorry, no vendor >notification - we told them 3 years ago. ;) > >FlexLM 'lmdown' command will chow your license server from anywhere on >the Internet - all you need is a copy of the license file. The >authentication appears to be "Well, you appear to be root on the >machine that you typed 'lmdown' on". Have you looked at the switch options for lmgrd? If you had you would find that there is an option to limit the ability to take down the license daemons to a specific group, which basically stops what you are talking about. I think it is also possible to completely ignore a lmdown command since it would be possible to try all possible group ids. It is a bit of a problem that they set it up that way by default and since you need not run it as root, you should change the owner to something else, change the options and a clean up the way the log files work. You DO have the option of changing the functionality though, so you really can't blame them for your not looking at the man pages on the program. Kemasa.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:17:53 PDT