I've read that PAM can be used to restrict HTTP access for some users, but I can't figure out how to do it in Ubuntu 12.04.
The `/etc/security/time.conf` man page contains this example:
Quote:
All users except for root are denied access to console-login at all times:
Code:
login ; tty* & !ttyp* ; !root ; !Al0000-2400
|
For this to work, `/etc/pam.d/login` needs to have a line
Code:
account requisite pam_time.so
This example works, and I tried to adapt it to limit HTTP access from the console. I added
Code:
http ; tty* & !ttyp* ; !root ; !Al0000-2400 # will fix "time" later
to `/etc/security/time.conf`, and created `/etc/pam.d/http` with
Code:
account requisite pam_time.so
This doesn't work. I can still use `wget` as non-root from the console.