[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: how do I chroot for users.



>>> Alan DeKok wrote
>     One of the things I'm going to add to the kernel when I get time
> (and a spare machine) is the concept of "slave" users.  i.e. Anyone
> with uid within a certain range can't execute programs that they own.

On some of the firewalls I built in a past life, to be executable, a
file had to be owned by root, and couldn't have group or world writable
bit set. (And users couldn't chown files to someone else).

Stopped a huge range of attacks dead.

Anthony



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []