Re: How to limit it ?
> > > from his/her home directory.
> > but what happens when he/she run: /lib/ld-linux.so.2 $HOME/any_executable
> > ? It works!
> And what happens if s/he does 'ln -sf /etc/passwd moo' and then opens 'moo'?
> It works - your kernel code will look for /etc/passwd or passwd or whatever
> and not /home/lameuser/moo. On what level you will implement that call? VFS
> or FS? If you are soo worried about it, don't use dynamically linked
> binaries... But either way, I think that what you're talking about is an
> unjustified paranoia - if you don't want you users to know who's on the
> system, close each and every one of them in a chroot jail or deny shell
> access.
No, try free.net.pl, there are free shell accounts, they have such a
module and ln wont help you :)
>
> > > true. As a side note - tcsh takes half the memory bash consumes and has all
> > > the sprinkles bash does. :))
> > >
> > > > ulimit -d 2097148 -c 0 -n 64 -s 8192 -u 64 -l 4096 -m 4096 -v 8192
> > > >
> > > > and it is good enough for me.
> > > And what about your user who wants to use ash, sash, csh, ksh, zsh, rc,
> > > pdmenu or whatever other shell s/he ...
> > They first use bash ... but i'm not sure if bash leavs environment ...
> A bogus argument. They can change to some other shell, or invoke some other
> program directly using ssh - what will you do then??? Come up with a similar
> solution for every (un)imaginable shell? You said you have no time - but you
> are willing to waste time IMO.
>
So what is your sollution ?
G.
Reply to: