LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   Access Levels (http://www.linuxquestions.org/questions/linux-security-4/access-levels-213220/)

Obie 08-04-2004 05:27 AM

Access Levels
 
I did ask in the past what folders users should never have access to and if I remember correctly I was told that users should never have access to /usr/sbin. Is there a definitive guide that includes what else users shouldn't have access to a far as folders and files are concerned?

Secondly, what commands should a user not have access to E.g. Would it be safe to provide the "whereis" command for example?

unSpawn 08-28-2004 04:58 AM

I did ask in the past what folders users should never have access to and if I remember correctly I was told that users should never have access to /usr/sbin.
Acces in what respect?


Secondly, what commands should a user not have access to E.g. Would it be safe to provide the "whereis" command for example?
Again depends on the reasons and means ppl will/should have access to binaries. If you're providing one-service access (unprivileged users with a /bin/false shell account or a virtual account) it's not sane to provide access to for instance development tools.


All times are GMT -5. The time now is 11:05 AM.