RE: making secure limitations for non-root users

From: "Tom Moore" <tom@tomstroubleshooting.com>
To: "'Speakup is a screen review system for Linux.'"
	<speakup@braille.uwo.ca>
Subject: RE: making secure limitations for non-root users
Date: Fri, 19 Sep 2008 17:14:35 -0400	[thread overview]
Message-ID: <60EC16C3E6284C1F88ED52622355D343@ZEUS> (raw)
In-Reply-To: <000801c919bd$e9540200$4200a8c0@tdsportable>

I don't quite remember the name of a kernel patch that has some things in it
that will allow you to tighten down your system far better than the normal
kernel when it comes to limiting users.

First off, you shouldn't allow users to run server type processes unless you
have too. You should run them, then grant the user access to read log files
from the processes and such. This is so that you know all services /
processes that are running on your machine.

Tom

-----Original Message-----
From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca]
On Behalf Of Tyler Littlefield
Sent: Thursday, September 18, 2008 2:40 PM
To: Speakup is a screen review system for Linux.
Subject: making secure limitations for non-root users

Hello,
I've got a quick couple of questions:
First, I'd like to allow users to connect and host a mud on my system.
I would, however like to limit them in disk space (I can figure that one
out), in port usage (not sure how to do this one, would like to limit what
ports they can open), programs they can run, and also what they can view on
the system.
Any ideas?

Thanks,
_|_|_|_|_|  _|        _|_|_|_|            
    _|      _|_|_|    _|          _|_|_|  
    _|      _|    _|  _|_|_|    _|        
    _|      _|    _|  _|        _|        
    _|      _|    _|  _|_|_|_|    _|_|_|  
Visit TDS for quality software and website production
http://tysdomain.com
msn: tyler@tysdomain.com
aim: st8amnd2005
skype: st8amnd127
_______________________________________________
Speakup mailing list
Speakup@braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup