Restricting commands

redgore · 07-02-2002, 05:07 AM

Here is my situation. I give out shells on my machine to people that I trust. Yet recently one of my users had put a ping job on cron. I have removed him from the system but i want to stop it happening again. To do this i want to restrict cron jobs to my general user (the account i use) and root. I also want to restrict wall to the same accounts. How would i go about doing this?

unSpawn · 07-02-2002, 06:28 AM

For cron you could look into cron.(allow|deny), access to wall could be allowed tru sudo when you chop off the world rx bits.

*Since you're serving out shells and you found out tru a mild incident ppl can't always be trusted, Id like to suggest you look into a kernelpatch called GRSecurity (grsecurity.net). Read up on what it offers and if that suits you in helping cope with shell users.