Re: Debian for kids
On Wed, 2 Feb 2000, Ethan Benson wrote:
> auth requisite pam_listfile.so item=user sense=deny \
> file=/etc/deny.passwd onerr=succeed
>
> to the begining /etc/pam.d/passwd, and add any users who can't seem to
> use passwd command right to /etc/deny.passwd (or whatever). multiuser
> compatible!
As a start to kid proofing a machine, one could remove world permissions
on all potentially dangerous commands, passwd, chmod, chown, etc. Then
use sudo to return permission to those who are responsible.
Alex
Reply to: