Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
01-08-2005, 10:25 PM
|
#1
|
|
Member
Registered: Apr 2004
Posts: 49
Rep: 
|
disable write in file system
How would I go about disabling write permission to the whole hard drive for a particular user?
|
|
|
|
|
01-08-2005, 11:47 PM
|
#2
|
|
Member
Registered: Nov 2003
Location: Bloomington, IL, USA
Distribution: Fedora Core 3
Posts: 126
Rep:
|
You could add the appropriate "umask" identifiers to the file /etc/fstab
|
|
|
|
|
01-09-2005, 08:14 AM
|
#3
|
|
Senior Member
Registered: Jan 2004
Location: Montpellier (France)
Distribution: Gentoo
Posts: 1,014
Rep:
|
Hello,
probably a bit harder, 'cause with ar1's method "user" will always be able to write its own /home directory... unless you also set "umask" permissions correctly in user's config file and then lock these files (for example chattr +i ~/.bashrc)
Oliv'
|
|
|
|
|
01-12-2005, 07:52 PM
|
#4
|
|
Member
Registered: Apr 2004
Posts: 49
Original Poster
Rep:
|
Ok, i know this might seem a bit involved, but is there any way to COMPLETELY secure a linux system so that without the root password, the user can not do anything malicious? Also, If I do edit the fstab, where would I put the user name. I've read some things about it, and the five columns provide nowhere for individual access rights.
|
|
|
|
|
01-13-2005, 07:23 AM
|
#5
|
|
Senior Member
Registered: Jan 2004
Location: Montpellier (France)
Distribution: Gentoo
Posts: 1,014
Rep:
|
Quote:
|
Ok, i know this might seem a bit involved, but is there any way to COMPLETELY secure a linux system so that without the root password, the user can not do anything malicious?
|
I think that's impossible  Of course you can secure your system so that anything malicious will never happen... but you can't be sure. For example a new kernel flaw appear, the attacker exploits this flaw and gain root privileges 
Quote:
|
Also, If I do edit the fstab, where would I put the user name. I've read some things about it, and the five columns provide nowhere for individual access rights.
|
in the fouth column... with the options "umask=" or "user="... see man mount and the corresponding FS for more info
Oliv' |
|
|
|
All times are GMT -5. The time now is 10:03 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
