FSTAB + ilk and "other" permissions
Hi,
I run a headless Mandrake/10.1 box on my home network. I have created an untrusted user account for a coworker of mine to access the box. I only want her to access a few services (squid) and I want to prohibit read and write access to the rest of the hard drive. Is there any way I can move her outside of the "other" group as to deny that account to the rest of the system? Of particular concern is /etc/fstab, which includes lines to connect to passworded shares on my home PC, and I noticed that from her account she can open the file in vi and poke around. Since she is quite computer literate (we work in a computer sales shop) I do not want her being able to access anything.
While normally I could just make squid a public, password-protected proxy, the security strategy of my box is to expose only a few services to the outside world and protect the rest of them behind SSH tunneling.
It's not that I don't trust her not to poke around, but I am not comfortable with letting even a limited set of keys into anyone else's hands. Perhaps I am just paranoid, but I can imagine that most everyone here knows how far an ounce of prevention will go.
Thanks,
Tom
Last edited by darkportal_4; 07-13-2005 at 09:10 PM.
|