|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Sebastian Krahmer (krahmer
suse.de)Date: Wed Apr 25 2001 - 12:25:46 CDT
On Wed, 25 Apr 2001, Peter van den Heuvel wrote:
> Yo,
>
> > To effectively prevent such 'attacks', use the
> > "userdel" program which was wriiten for such purposes.
>
> Yeah,
>
> Disconnect power is just as usefull.
No, it would require physical access :)
I still prefer userdel.
>
> >From the man page:
>
> CAVEATS
> userdel will not allow you to remove an account if the
> user is currently logged in. You must kill any running
> processes which belong to an account that you are delet-
> ing.
>
> I think this one is too easy and something should be done, specially if
> "this one is rather old". I've not heard one single argument why this
Yes, although its not easy.
This issue comes up one or two times each year.
Usually you give trusted ppl access to your machine.
If they start fork-bombing or alike its reason enough
to remove them.
I don't know if Linux's tracking system of who is using
how much of what suffices now or should be extended.
Just decreasing or disallowing things isnt a solution,
because even some security breaches come up due to
'just decrease' behavior (as seen with old capability bug
for example).
bye,
Sebastian
-- ~ ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]