[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: how do I chroot for users.



gafton@redhat.com wrote:
> Not only that: if you give them a shell you loose. Writting an uudecode
> program in shell is so damn easy...

    One of the things I'm going to add to the kernel when I get time
(and a spare machine) is the concept of "slave" users.  i.e. Anyone
with uid within a certain range can't execute programs that they own.

  Give them gcc, and watch them cry "Permission denied? But I chmod +x'd it!"

  That would solve many problems at ISP's I know.  They'd still be
able to use buffer overruns, etc. to gain root, but it would be that
much harder for them to do anything.

  Alan DeKok.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []