[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Limiting User Commands

On Sun, 2004-11-07 at 14:54, Stephen Le wrote:
>  
> > Note that neither my approach nor yours really stops someone who is
> > determined - all of the functionality of the above programs could be
> > replicated in perl, python, etc, so you've only made it difficult, not
> > impossible.  Then there is ~/bin, where users can stash anything they
> > like, if you don't also regularly search /home for questionable files.
> > Even mounting it noexec isn't really a help - perl /path/to/script works
> > as well as /lib/ld-linux.so.2 /path/to/binary
> 
> I understand that users could still upload their own programs and run
> them, but users will do so at the risk of account suspension.
>  

Wouldnt the folks that are scared of account suspension be the least
likely threats? It's the folks that are willing to do stuff that they're
not supposed to that are problematic.

-davidc
Reply to: