Securing for shells

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I'm not a new person at Linux security and have been using the operating
system for three to four years now, though I normally don't venture into
shells.  However, I'm developing and testing a daemon that I don't quite
trust--while it is running as a restricted user, I don't quite know what
other things I should do to secure the system to make sure that a
regular user doesn't have access to files that he shouldn't.  I think
that finding out what files these are would essentially be the same
steps taken to secure a shell server.

I'm also considering setting up a shell server on a separate network.
Can anyone give me some other good pointers on securing a shell server?



Re: Securing for shells

Irayo wrote:
Quoted text here. Click to load it

One option is to use an application based firewall like SUSE's AppArmor.
Then you can effectively create a version of bash for a particular
user that can ONLY access what you want THAT user to be able to access.
Pretty slick... but perhaps overkill (??).

Site Timeline