System Lockdown
Tony Nelson
tonynelson at georgeanelson.com
Wed Jan 3 22:05:22 UTC 2007
At 6:33 PM +0000 1/3/07, Jim Douglas wrote:
>I plan on allowing a user to remotely login to my linux box with a GUI.
>
>How can I best lockdown the system so the can't do any damage?
>
>
>(I know there's a lot to do, links would be appreciated.)
Give the user their own account, that's what user accounts are for. As
long as you don't add them to any other groups, they'll only be able to
muck about in their own home directory (and in any world-writable files on
the system -- there won't be many). OK, they can also make files in /tmp,
and try to exploit any unpatched security holes.
--
____________________________________________________________________
TonyN.:' <mailto:tonynelson at georgeanelson.com>
' <http://www.georgeanelson.com/>
More information about the fedora-list
mailing list