[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: (open) sshd timeout



From: "Tim" <ignored_mailbox yahoo com au>

On Mon, 2006-03-20 at 06:33 -0400, Jacques B. wrote:
Good idea about getting the idle time from the w command in the
.bash_logout.  However again that would be relying on a file that the
user can modify (their own .bash_logout file).  That is unless you
were to chmod the .bash_profile and .bash_logout to give execute only
access to the user.  Then they cannot override or change the settings
in .bash_profile, or change the w command in the .bash_logout.

Yes they can.  They have write access to their own homespace, so they
can change the files in there.  They can delete that file and create
their own replacement.

That can be dealt with if the owner is root and world read/execute is
permitted.

But that still does not stop somebody from using "export TMOUT=86400"
or something like that.

{^_^}


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]