On Wednesday 12 April 2006 16:04, Ajitabh Pandey wrote: > I have blocked cron access for everybody except root. > Now is there any way I can do to prevent them from > running a daemon or opening ports for communication. > Something like terminating a program launched by > particular owners automatically if they runs for more > than a certain time.
I don't think running for a long time makes a program daemon. That is wrong way of detecting if something is daemon. Correct way would be to employ some kind of RBAC, grsecurity, selinux or something similar, may be capabilities in linux 2.6 kernels. I liked NetBSD's systrace concept. It limits a program to certain pre-configured syscalls. So if you take away listen privilages, the program cannot accept network connections. I thought apparmour from novel is similar but from the source code download, I couldn't see a way to install it except unless you are running suse, which I am not. Just a thought.. Shridhar ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _______________________________________________ linux-india-help mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/linux-india-help
