On Tue, 2003-08-19 at 19:05, David Guntner wrote: > Jack Coates grabbed a keyboard and wrote: > > > > On Mon, 2003-08-18 at 22:47, David Guntner wrote: > > > I have a user login name that is used to run a game server process > > > (Neverwinter Nights, if it matters :). > > > > > > I don't know if it's possible for a remote user to crash the game process > > > in a way which would leave them sitting in a shell, but since I don't know > > > that the chances are 0%, I'm thinking that having the login name chroot > > > jailed to its home directory would limit the damage that someone could do > > > if they *did* somehow manage to end up in a shell via a server process > > > crash. > > > > > > Is there a way to to this? > > > > Look at the user's line in /etc/password. At the end is the shell > > they'll be given. chroot them there. > > Er, all that does is just show me which shell they're logging in to use. > I'm at a loss as to how that will restrict them to their own home directory > as being / to them when logged in - thus keeping them away from the rest of > the system. Could you please provide some specifics? > > --Dave
how about changing /bin/bash to chroot /new/root /bin/bash? Be aware that bash expects a whole lotta stuff to be around, which you'll need to recreate under the new root. -- Jack Coates Monkeynoodle: A Scientific Venture...
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
