Date: Sun, 17 Oct 1999 07:06:12 +1000 From: Sue Blake <sue@welearn.com.au> To: freebsd-security@freebsd.org Subject: allowing telnet from locked terminal Message-ID: <19991017070610.E12725@welearn.com.au>
next in thread | raw e-mail | index | archive | help
I use a machine in a fairly secure area. When I'm away, if someone
rushes in to respond to a crisis they will want to use my machine to
telnet (and maybe ping) to another.
That's fine, but I don't want it to be easy for them to see/touch my
other work which they're not interested in anyway. The people are
trustworthy but will be unfamiliar with the machine and could press
random buttons when working in panic mode. Periods away include coffee
breaks, overnight, and weekends.
Is there some quick way to remove convenient access to all but one
virtual console whenever I leave the room?
How safe and practical would it be to set up a user who is only
allowed to execute telnet and ping, or better whose shell is a script
offering a dialog(1) menu, and leave that user always logged in?
--
Regards,
-*Sue*-
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991017070610.E12725>