(open) sshd timeout

[jdow]

From: "Tim" <ignored_mailbox at yahoo.com.au>

> On Mon, 2006-03-20 at 06:33 -0400, Jacques B. wrote:
>> Good idea about getting the idle time from the w command in the
>> .bash_logout.  However again that would be relying on a file that the
>> user can modify (their own .bash_logout file).  That is unless you
>> were to chmod the .bash_profile and .bash_logout to give execute only
>> access to the user.  Then they cannot override or change the settings
>> in .bash_profile, or change the w command in the .bash_logout.
> 
> Yes they can.  They have write access to their own homespace, so they
> can change the files in there.  They can delete that file and create
> their own replacement.

That can be dealt with if the owner is root and world read/execute is
permitted.

But that still does not stop somebody from using "export TMOUT=86400"
or something like that.

{^_^}