LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-08-2005, 10:14 PM   #1
rblampain
Senior Member
 
Registered: Aug 2004
Location: Western Australia
Distribution: Debian 9.2
Posts: 1,199

Rep: Reputation: 51
Action triggered by illegal applications.


We're planning a server with a strictly limited set of applications. Is there a way to detect the starting of an illegal application or activity on this server and take some action?

Any comment, links, hints most welcome.
 
Old 08-08-2005, 10:16 PM   #2
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 128Reputation: 128
Why not just remove execute permissions on applications you don't want users executing? You can set up a trusted execution group for those who could use them. If you need more control, you could use ACLs.
 
Old 08-09-2005, 12:01 AM   #3
primo
Member
 
Registered: Jun 2005
Posts: 542

Rep: Reputation: 34
If you want a restricted environment, you may use chroot effectively on a case-by-case basis.

There are many approaches to system monitoring...

There's process accounting. See acct(5) and acct(2)
 
Old 08-09-2005, 12:04 AM   #4
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 128Reputation: 128
If you want them to have only a restricted shell (if any at all), also set the users shell value to rbash. Look in the bash man page for more details.
 
Old 08-09-2005, 09:01 AM   #5
rblampain
Senior Member
 
Registered: Aug 2004
Location: Western Australia
Distribution: Debian 9.2
Posts: 1,199

Original Poster
Rep: Reputation: 51
Thank you all. It looks like ACL is what I needed, I was unaware of its existence.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Can you believe this, This should be illegal!!!!! BajaNick General 6 11-19-2005 11:38 AM
executing a time-triggered script leosuth Programming 7 06-02-2004 08:15 AM
This should be illegal Kovacs General 32 05-21-2004 03:58 PM
Who is Knowing about daemon applications and how to develop these applications? ms_890 Linux - Software 0 04-14-2004 02:04 AM
illegal or not? doralsoral Linux - Software 3 01-31-2004 03:52 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:01 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration