On Tue, Oct 04, 2005 at 03:05:00PM -0600, Ross Werner wrote: > > Does that work to completely lock someone out? >
I guess it all depends on how you define completely locking someone out. A user can always find a world writeable directory such as /tmp and put a setuid binary there. Even if their account is completely deleted (removed from /etc/passwd), they can still access any files in their home directory as long as they can use someone else's account. :) [back in time] It reminds me of going over quota on an IRIX box (at least in the 1990s). If you didn't want to delete any files, you could just chown some of them to some other user. -- Andrew McNabb http://www.mcnabbs.org/andrew/ PGP Fingerprint: 8A17 B57C 6879 1863 DE55 8012 AB4D 6098 8826 6868
pgp9Ut7UDnP5O.pgp
Description: PGP signature
/* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
