From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tom@tomstroubleshooting.com>
Received: from QMTA05.westchester.pa.mail.comcast.net
	(qmta05.westchester.pa.mail.comcast.net [76.96.62.48])
	by speech.braille.uwo.ca (Postfix) with ESMTP id 2E21C10A5E
	for <speakup@braille.uwo.ca>; Fri, 19 Sep 2008 17:14:26 -0400 (EDT)
Received: from OMTA03.westchester.pa.mail.comcast.net ([76.96.62.27])
	by QMTA05.westchester.pa.mail.comcast.net with comcast
	id Gbf01a00B0bG4ec55lEY49; Fri, 19 Sep 2008 21:14:32 +0000
Received: from ZEUS ([76.110.120.247])
	by OMTA03.westchester.pa.mail.comcast.net with comcast
	id GlEW1a00K5LMboU3PlEXWG; Fri, 19 Sep 2008 21:14:32 +0000
X-Authority-Analysis: v=1.0 c=1 a=_fX292zZxAwA:10 a=2oGu6SpGKQ0A:10
	a=Bw3JSddfAAAA:8 a=3EAWN9ttAAAA:8 a=JzbhPzdDbdoisdWysJgA:9
	a=MgolFZ4q1gzMxLwfLg5g50VUiOcA:4 a=W68FkdOO9sQA:10 a=gi0PWCVxevcA:10
From: "Tom Moore" <tom@tomstroubleshooting.com>
To: "'Speakup is a screen review system for Linux.'" <speakup@braille.uwo.ca>
References: <000801c919bd$e9540200$4200a8c0@tdsportable>
Subject: RE: making secure limitations for non-root users
Date: Fri, 19 Sep 2008 17:14:35 -0400
Message-ID: <60EC16C3E6284C1F88ED52622355D343@ZEUS>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
In-Reply-To: <000801c919bd$e9540200$4200a8c0@tdsportable>
Thread-Index: AckamNBev3DuyJP9StiInJ29p72UpgAA5XNg
X-BeenThere: speakup@braille.uwo.ca
X-Mailman-Version: 2.1.11
Precedence: list
Reply-To: "Speakup is a screen review system for Linux."
	<speakup@braille.uwo.ca>
List-Id: "Speakup is a screen review system for Linux."
	<speakup.braille.uwo.ca>
List-Unsubscribe: <http://speech.braille.uwo.ca/mailman/options/speakup>,
	<mailto:speakup-request@braille.uwo.ca?subject=unsubscribe>
List-Archive: <http://speech.braille.uwo.ca/pipermail/speakup>
List-Post: <mailto:speakup@braille.uwo.ca>
List-Help: <mailto:speakup-request@braille.uwo.ca?subject=help>
List-Subscribe: <http://speech.braille.uwo.ca/mailman/listinfo/speakup>,
	<mailto:speakup-request@braille.uwo.ca?subject=subscribe>
X-List-Received-Date: Fri, 19 Sep 2008 21:14:26 -0000

I don't quite remember the name of a kernel patch that has some things in it
that will allow you to tighten down your system far better than the normal
kernel when it comes to limiting users.

First off, you shouldn't allow users to run server type processes unless you
have too. You should run them, then grant the user access to read log files
from the processes and such. This is so that you know all services /
processes that are running on your machine.

Tom

-----Original Message-----
From: speakup-bounces@braille.uwo.ca [mailto:speakup-bounces@braille.uwo.ca]
On Behalf Of Tyler Littlefield
Sent: Thursday, September 18, 2008 2:40 PM
To: Speakup is a screen review system for Linux.
Subject: making secure limitations for non-root users

Hello,
I've got a quick couple of questions:
First, I'd like to allow users to connect and host a mud on my system.
I would, however like to limit them in disk space (I can figure that one
out), in port usage (not sure how to do this one, would like to limit what
ports they can open), programs they can run, and also what they can view on
the system.
Any ideas?


Thanks,
_|_|_|_|_|  _|        _|_|_|_|            
    _|      _|_|_|    _|          _|_|_|  
    _|      _|    _|  _|_|_|    _|        
    _|      _|    _|  _|        _|        
    _|      _|    _|  _|_|_|_|    _|_|_|  
Visit TDS for quality software and website production
http://tysdomain.com
msn: tyler@tysdomain.com
aim: st8amnd2005
skype: st8amnd127
_______________________________________________
Speakup mailing list
Speakup@braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup