Sorry for butting in again, but one possibility might be to do what is done
By Bastille Linux and make it impossible for users to compile anything on
the computer. Limiting that ability to root only. This wouldn't prevent a
binary load I know but if they can't compile and only root can access
/var/lib/rpm/packages.rpm it would severely cripple the ability of most
(not all but most) users from running any of these processes because they
can't easily load them onto the computer. I realize this might not be an
answer to what you need, but I hope it helps in some way.
Nightwriter
At 08:34 PM 7/11/00, you wrote:
>Deryk Barker wrote:
>
> > Thus spake Janar Kokk ([EMAIL PROTECTED]):
> >
> > > I think you didn't understood my question.
> > >
> > > I want to not allow my machine's users to run any backround processes
> such
> > > as eggdrop etc
> >
> > You can use ulimit to limit the number of processes, but don't set it
> > to 1 or they won't be able to run *anything* - bash (and other shells)
> > fork a new process for each command.
>
>And, to worsen matters, how would they run some of the ordinary programs
>that use
>background processes? I think it might be a bit to embedded to
>exclude. OTOH,
>if you have a list of what you do not want users to run... Easily done with
>permissions.
>
>And with ulimit, what about netscape? It runs as a child of a library process
>and each netscape window .... Errrk. Guess you wouldn't have asked if
>it was
>easy to figure out :-}.
>
>Civileme
>
>
>
