From owner-freebsd-security  Mon Apr  1 21:56:53 2002
Delivered-To: freebsd-security@freebsd.org
Received: from russian-caravan.cloud9.net (russian-caravan.cloud9.net [168.100.1.4])
	by hub.freebsd.org (Postfix) with ESMTP id BA8A737B416
	for <Security@FreeBSD.Org>; Mon,  1 Apr 2002 21:56:47 -0800 (PST)
Received: from earl-grey.cloud9.net (earl-grey.cloud9.net [168.100.1.1])
	by russian-caravan.cloud9.net (Postfix) with ESMTP
	id A793E28B5D; Tue,  2 Apr 2002 00:56:46 -0500 (EST)
Date: Tue, 2 Apr 2002 00:56:46 -0500 (EST)
From: Peter Leftwich <Hostmaster@Video2Video.Com>
X-X-Sender:  <pete@earl-grey.cloud9.net>
To: Jesper Wallin <z3l3zt@phucking.kicks-ass.org>
Cc: FreeBSD Security List <Security@FreeBSD.Org>
Subject: Re: Stop usage of "who"? [doing things the hard way]
In-Reply-To: <1501.213.112.58.125.1017722696.squirrel@phucking.kicks-ass.org>
Message-ID: <20020402005030.D5931-100000@earl-grey.cloud9.net>
Organization: Video2Video Services - http://Www.Video2Video.Com
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Tue, 2 Apr 2002, Jesper Wallin wrote:
> Hey.. This night I was taking a look at the local security and decided to make
> this system more like a it was a huge wall between all the users.. The first
> thing I wanted to do was to limit the access to top and ps.. This was done

Did you want to limit the access to the top and ps binaries (type `man
chmod ; man chgrp`) or limit the information these binaries display?

> very easy with "sysctl -w kern.ps_showallprocs=0" and edit the
> /etc/sysctl.conf.. Now I want to stop usage of commands like w, who and

When I looked at `man sysctl` the manpage said that "-w" has been
deprecated (i.e. the powers that be discourage its use) and my
/etc/sysctl.conf file is basically empty except for comments.

> users.. I guess it must be able to change somewhere in the proc dir instead
> of changing the permissons on all the executables..

What?

> Another thing I want to do (if it's possible) is to add a default quota..

I love when people ask if something is possible!  Ahem, this is FreeBSD?!

> like, all new users who's being added will have about 500Mb of disk space..

In the /etc/rc.conf file
enable_quotas="NO"      # turn on quotas on startup (or NO).
check_quotas="NO"       # Check quotas on startup (or NO).
accounting_enable="YES" # Turn on process accounting (or NO).

Change the first two to "YES" and also check out `man quota` for info.

> Jesper aka Z3l3zT

What's a "zelezt?"

--
Peter Leftwich
President & Founder
Video2Video Services
Box 13692, La Jolla, CA, 92039 USA
+1-413-403-9555


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message