Linux Help
guides forums blogs
Home Desktops Distributions ISO Images Logos Newbies Reviews Software Support & Resources Linuxhelp Wiki

Welcome Guest ( Log In | Register )



Advanced DNS Management
New ZoneEdit. New Managment.

FREE DNS Is Back

Sign Up Now
 
Reply to this topicStart new topic
> Preventing Shell Change
Beethovan
post Feb 25 2004, 09:46 PM
Post #1


Whats this Lie-nix Thing?
*

Group: Members
Posts: 5
Joined: 11-February 04
Member No.: 2,351



Ok people, I've got another Linux security question for ya! I have setup my box as a server using ssh. I've made each user use rbash shell. i've disabled all the available shells except for rbash (duh), bash, and sh. If I disable bash or sh, all shells above them die (i.e., if i disable sh, bash and rbash die, if bash is disabled, rbash dies). I need to know how to prevent users from switching shells out. i dont know if sudo would work for this, but i need to keep them from accessing it. Any help would be greatly appreciated. Thanks.

Thomas
Go to the top of the page
 
+Quote Post
Corey
post Feb 26 2004, 01:38 PM
Post #2


Its GNU/Linuxhelp.net
*******

Group: Admin
Posts: 1,254
Joined: 21-September 02
From: St John's, Newfoundland, Canada
Member No.: 3



I don't know much about shells and how (or if) they interact with each other. The only thing I can think of off the top of my head is just change the permssions of the bash and sh executables to 700.

eg.
chmod 700 /bin/bash
chmod 700 /bin/sh

That will let root have RWX perms on them and no one else has any. This might not be a proper fix, and I don't know if it'll break anything else. Your best bet is to try it and wait to see if there are any problems.


--------------------
Corey Quilliam
(former) Linuxhelp.ca Administrator
cquilliam-AT-gmail-dot-com

Want to help out Linuxhelp.net? Check out our Linuxhelp Wiki and see if there are some articles you would like to submit!!

--
Ubuntu 8.04 64-bit - Work Laptop (HP-Compaq NC6400 Core2)
Kubuntu 8.04 64-bit - Desktop (HP m8120n QuadCore)
Ubuntu 6.04 - Server (I'm not upgrading this baby until support runs out in 2012) (Some old POS dell)
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 10th December 2017 - 07:29 PM