1 Oct
2001
1 Oct
'01
19:45
On Mon, 1 Oct 2001, Ray Dillinger wrote:
I haven't seen this in the thread yet, but what I do is use /etc/permissions<whatever> to lock out the commands that I don't want normal users to use (like ping, netstat, nmap, etc).
That works, but it only stops honest users. A dishonest user will just put equivalent commands in his/her own /bin directory and ignore the fact that s/he is denied access to the ones everyone else uses.
This should be ommited by mounting the /home filesystem with the noexec flag. cu Michael Muehle