Ken Jones <[EMAIL PROTECTED]> writes:
> The best solution i've seen is to group all the programs that are
> possible security holes, like in.telnet and compilers, to a new
> group. And only allow members of that group to execute the programs.
If you go that direction, you don't want to do it that way. Instead, you
group all the programs that you're pretty sure *aren't* possible security
holes and you remove people's ability to execute anything else.
And as other people mentioned, if you take this route, you also need to
make sure that your users don't have write access to any file system
mounted without -noexec. And make sure that they can't execute any
interpretor, since you can execute interpreted programs even from a
-noexec file system. And... um... they'd better not have shell access
then. And....
This isn't an easy thing to do.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
