>>>>> "Steve" == Steve Meyer <firstname.lastname@example.org> writes: Steve> I have a question. Is there any way to restrict outbound access Steve> for all but a few users? You can check out the grsecurity patches, which are currently in sid (and probably woody too), package kernel-patch-2.4-grsecurity. I can't imagine that it would be any problem downloading the package and installing it on a potato box, though, if that's what you have, or you can get it from <URL:http://www.grsecurity.net/>. It works best with the latest kernel (currently 2.4.18). It actually works the other way around -- you add users that you don't want to have outbound access to a special group -- but you get the same effect. It also allows you to stop users from creating processes that listen on network ports too, which you probably would want to have too. -- Hubert Chan <email@example.com> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred.
Description: PGP signature