preventing a user to start a process
Thomas Krause
freebsd-isp at chef-ingenieur.de
Mon Jul 25 23:10:50 GMT 2005
Eric Anderson schrieb:
> Thomas Krause wrote:
>
>> Hello,
>> is it possible to bar a user (www) from starting a process?
>> I've a irc daemon running under the uid www. I think
>> this was done by php. What would be the best way to prevent
>> this (php should be remain usable)? I've installed ipfw rules,
>> but this doesn't prevent the starting of the process.
>
>
> Change the permissions on the file to not allow world execution?
>
> chmod 750 /path/to/irc-daemon
the daemon was
- downloaded
- extracted
- started
by user www in dir /var/tmp, which has permission 1777
Regards,
Thomas.
>
> and make sure it isn't owner by www user, and the www user is not in the
> group that owns the daemon.
>
> Eric
>
>
>
More information about the freebsd-isp
mailing list