LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-15-2009, 11:33 AM   #1
jrandles
LQ Newbie
 
Registered: Jan 2009
Posts: 1

Rep: Reputation: 0
account with uid 77777777 , guest id , how do I block access ?


Im trying to send nfs connections with uid 77777777 to a black hole to restrict access. How do I do this ?
 
Old 09-15-2009, 09:07 PM   #2
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,311

Rep: Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040Reputation: 2040
I don't think Linux permissions tools really work that way ie actively disallow a specific uid.
It's more a case of only actively allowing everybody else.

You could look at netgroups+NIS http://www.linuxtopia.org/online_boo...g-exports.html
That page also mentions RHEL NFS can use acls; might be worth a try.

Maybe try putting that user in his own primary group eg guest/77777777, don't add any other secondary groups to him and and never allow any group/file to have guest group ownership (apart from his home dirs).

Also, of course set world ('other') perms to '---' everywhere you can.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
securing guest account mattydee Slackware 11 02-04-2008 11:36 AM
Linux + Kerberos + Active Directory + Account UID Mapping? humbletech99 Linux - Networking 2 02-02-2008 07:30 AM
is it legitimate and allowed and can be done to make another user account set uid and gid to null 0 to make another root account with different name and possibly not damage the debian system creating and using that new account BenJoBoy Linux - Newbie 12 01-29-2006 11:02 AM
Always map windows account to same uid. dcurrit Linux - Networking 2 10-25-2005 10:12 PM
Understanding the guest account calabash Linux - Networking 16 03-06-2004 03:49 AM


All times are GMT -5. The time now is 09:31 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration