Date: Fri, 16 Feb 2001 14:09:25 GMT From: Cliff Sarginson <cliff@raggedclown.net> To: Vlad Skvortsov <vss@ulstu.ru>, freebsd-questions@FreeBSD.ORG Subject: Re: read-only / Message-ID: <E14TlZd-0008MR-00@post.mail.nl.demon.net>
next in thread | raw e-mail | index | archive | help
> On Fri, Feb 16, 2001 at 01:20:32PM +0000, Cliff Sarginson wrote: > > That is shell access server. The configuration has to be secure because > we have not much time to watch this box. Everything what's possible is set > to r/o; r/w partitions are quotas enabled, noexec and nodev flags are on. > The only filesystem left "unsecure" is /. > I would have sais that you should look into putting your users into a "jail" or consider the use of a restricted shell; this should be enough to keep them locked up :) Much less messy ... Cliff Since I have never tried it I must say I am slightly suprised you can even logon at all if the /dev permissions cannot be changed. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E14TlZd-0008MR-00>