Date: Mon, 25 Jul 2005 15:21:59 -0500 From: Eric Anderson <anderson@centtech.com> To: Thomas Krause <freebsd-isp@chef-ingenieur.de> Cc: freebsd-isp@freebsd.org Subject: Re: preventing a user to start a process Message-ID: <42E549E7.4070606@centtech.com> In-Reply-To: <42E54654.1090705@chef-ingenieur.de> References: <42E54654.1090705@chef-ingenieur.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Thomas Krause wrote: > Hello, > is it possible to bar a user (www) from starting a process? > I've a irc daemon running under the uid www. I think > this was done by php. What would be the best way to prevent > this (php should be remain usable)? I've installed ipfw rules, > but this doesn't prevent the starting of the process. Change the permissions on the file to not allow world execution? chmod 750 /path/to/irc-daemon and make sure it isn't owner by www user, and the www user is not in the group that owns the daemon. Eric -- ------------------------------------------------------------------------ Eric Anderson Sr. Systems Administrator Centaur Technology A lost ounce of gold may be found, a lost moment of time never. ------------------------------------------------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42E549E7.4070606>