www.seifried.org/lasg/
Kurt Seifried, kurt@seifried.org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://www.seifried.org/security/
----- Original Message -----
From:
On Mon, 1 Oct 2001, Ray Dillinger wrote:
I haven't seen this in the thread yet, but what I do is use /etc/permissions<whatever> to lock out the commands that I don't want normal users to use (like ping, netstat, nmap, etc).
That works, but it only stops honest users. A dishonest user will just put equivalent commands in his/her own /bin directory and ignore the fact that s/he is denied access to the ones everyone else uses.
This should be ommited by mounting the /home filesystem with the noexec flag.
I am newbie... how is the /home filesystem mounted with the noexec flag???
cu
Michael Muehle
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com