From owner-freebsd-isp Thu Sep 13 20:23:25 2001 Delivered-To: freebsd-isp@freebsd.org Received: from tsunami.acidpit.org (tsunami.acidpit.org [206.190.163.234]) by hub.freebsd.org (Postfix) with ESMTP id 04E4937B416 for ; Thu, 13 Sep 2001 20:23:21 -0700 (PDT) Received: (from rch@localhost) by tsunami.acidpit.org (8.11.3/8.11.3) id f8E3NJ763300 for freebsd-isp@FreeBSD.ORG; Thu, 13 Sep 2001 23:23:19 -0400 (EDT) (envelope-from rch@acidpit.org) Date: Thu, 13 Sep 2001 23:23:19 -0400 From: Robert Hough To: freebsd-isp@FreeBSD.ORG Subject: Re: protecting /sbin and /usr/local/sbin Message-ID: <20010913232319.B62967@acidpit.org> Mail-Followup-To: freebsd-isp@FreeBSD.ORG References: <20010912142752.A26055@xor.obsecurity.org> <20010913113439.G33971-100000@cithaeron.argolis.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010913113439.G33971-100000@cithaeron.argolis.org>; from piechota@argolis.org on Thu, Sep 13, 2001 at 11:37:51 -0400 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Sep 13, 2001, Matt Piechota wrote: > You could make it harder for them, but you're not going to be able to > stop them from running the commands in question. Sure you can, it's rather simple. :) # chsh -s /sbin/nologin -- Robert Hough (rch@acidpit.org) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message