preventing a user to start a process
Eric Anderson
anderson at centtech.com
Mon Jul 25 20:22:13 GMT 2005
Thomas Krause wrote:
> Hello,
> is it possible to bar a user (www) from starting a process?
> I've a irc daemon running under the uid www. I think
> this was done by php. What would be the best way to prevent
> this (php should be remain usable)? I've installed ipfw rules,
> but this doesn't prevent the starting of the process.
Change the permissions on the file to not allow world execution?
chmod 750 /path/to/irc-daemon
and make sure it isn't owner by www user, and the www user is not in the
group that owns the daemon.
Eric
--
------------------------------------------------------------------------
Eric Anderson Sr. Systems Administrator Centaur Technology
A lost ounce of gold may be found, a lost moment of time never.
------------------------------------------------------------------------
More information about the freebsd-isp
mailing list