Date: Mon, 25 Jul 2005 13:29:00 -0700 From: "Gustavo A. Baratto" <gbaratto@superb.net> To: "Thomas Krause" <freebsd-isp@chef-ingenieur.de>, <freebsd-isp@freebsd.org> Subject: Re: preventing a user to start a process Message-ID: <01b001c59157$806bae10$7201a8c0@guinness> References: <42E54654.1090705@chef-ingenieur.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Use php safe_mode. This will prevent the execution of external commands from php. Depending on you what you mean by "usable", this may be a problem. Or make sure php doesnt allow uploads to /tmp or /var/tmp (disable FTP in PHP). This will prevent the ircs or any other scripts to be uploaded in the first place. ----- Original Message ----- From: "Thomas Krause" <freebsd-isp@chef-ingenieur.de> To: <freebsd-isp@freebsd.org> Sent: Monday, July 25, 2005 1:06 PM Subject: preventing a user to start a process > Hello, > is it possible to bar a user (www) from starting a process? > I've a irc daemon running under the uid www. I think > this was done by php. What would be the best way to prevent > this (php should be remain usable)? I've installed ipfw rules, > but this doesn't prevent the starting of the process. > > Kind regards, > Thomas. > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01b001c59157$806bae10$7201a8c0>