From owner-freebsd-questions Wed Jun 14 11: 9:38 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail.rdc1.sdca.home.com (ha1.rdc1.sdca.home.com [24.0.3.66]) by hub.freebsd.org (Postfix) with ESMTP id 0834737B7D9 for ; Wed, 14 Jun 2000 11:09:36 -0700 (PDT) (envelope-from RaymundoVega@home.com) Received: from home.com ([24.5.252.61]) by mail.rdc1.sdca.home.com (InterMail vM.4.01.02.00 201-229-116) with ESMTP id <20000614180935.MSBJ25048.mail.rdc1.sdca.home.com@home.com>; Wed, 14 Jun 2000 11:09:35 -0700 Message-ID: <3947CA5F.28008858@home.com> Date: Wed, 14 Jun 2000 11:09:35 -0700 From: "Raymundo M. Vega" X-Mailer: Mozilla 4.7 [en] (X11; I; FreeBSD 3.2-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: James Howard Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Limiting Internet Access References: <200006141649.MAA01241@rac4.wam.umd.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG A simple solution is to use a specific group for your users and change permissions deniying execution of programs like telnet, ftp, etc. typing as root: cd /usr/bin chmod 750 telnet chmod 750 ftp etc etc raymundo James Howard wrote: > > Hey everyone. We are currnetly moving our BBS (www.arbornet.org) from > BSD/OS to FreeBSD. One of the limits we placed on users was that they > were not allowed to send outbound Internet traffic (ie, they could not > telnet out from our system, etc). > > Under BSD/OS (3.0) the kernel had been patched and checked for a > hard-coded list of groups (paying users had access, special binaries like > finger too). But I have heard that under FreeBSD, limiting like this is > is run-time configurable. How does this work? > > Thanks, Jamie > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message