One more question (i just made an ugly thought....but probably silly):
I need to make sure that in case the user account is compromised (though quite difficult i hope, as ssh does exactly this dirty job), the box will remane safe and the user won't be able to gain root privileges... The home directory is rw for the user. Is it possible to copy 'su' file from his remote machine to mine and then get root? I've already tried to do it myself and it didn't work, but i'd like some opinions on this.. Just to make sure what the proper procedure about securing the machine is. Thanx in advance... |
Quote:
You might also want to develop a group policy giving your users the appropriate privileges by that means. There is also a kernel extension for better granularity of rights than rwx, I just can't remember its name :rolleyes: but I think it's included in the coming SuSE 9.3 as an optional feature. Just google Novell / SuSE... |
Quote:
Quote:
Code:
find / -perm -4000 |
thanx a lot for the info.
i'll do that and to answer the first question, i didn't chmod /usr/bin, i only did it on /usr |
BTW: Might as well turn off execute permissions for directories as well. Makes it a little harder to search around because you need to guess an exact end path.
You're crippling a LOT of stuff here. I sure hope you are doing this in the chrooted evironment and not to the world. EDIT: Turning off the execute bit on the directories prevents people from cd'ing into them. |
Quote:
I'll read a bit about the folder permissions better, though i believe it's quite secure at this point.... If i make it to not even let cd into the folders, that will be the best! |
All times are GMT -5. The time now is 05:05 AM. |