The best solution i've seen is to group all the programs that are possible security holes, like in.telnet and compilers, to a new group. And only allow members of that group to execute the programs. Just like all the suid programs should be grouped. It's a pretty standard security lockdown method. Ken Inter7
- Re: Potential hole? Robert Varga
- Re: Potential hole? Petr Novotny
- Re: Potential hole? Russell Nelson
- mail users Ilya Krel
- Re: Potential hole? Jos Backus
- Re: Potential hole? Vince Vielhaber
- Re: Potential hole? Petr Novotny
- Re: Potential hole? Petr Novotny
- Re: Potential hole? Vince Vielhaber
- Re: Potential hole? Thomas M. Sasala
- Re: Potential hole? Ken Jones
- Re: Potential hole? Petr Novotny
- Re: Potential hole? Mark Delany
- Re: Potential hole? Nicolas MONNET
- Re: Potential hole? Russ Allbery
- Re: Potential hole? David Dyer-Bennet
- Re: Potential hole? Ken Jones
- Re: Potential hole? David Dyer-Bennet
