preventing a user to start a process
Roman Volf
volfman at keystreams.com
Mon Jul 25 23:13:48 GMT 2005
Thomas Krause wrote:
>
> the daemon was
> - downloaded
> - extracted
> - started
>
> by user www in dir /var/tmp, which has permission 1777
>
> Regards,
> Thomas.
>
remount /tmp with nosuid,noexec flags.
rm -rf /var/tmp
ln -s /tmp /var/tmp
This will prevent a program from being executed from /tmp. However, if
they upload a perl script they can still execute perl /tmp/script.
--
Roman Volf
Keystreams Internet Solutions
volfman at keystreams.com
More information about the freebsd-isp
mailing list