*** Well thinking about it a little further another possibility (without running local apps) is simply to create a change rooted environment for Netscape that doesn't contain an /etc/passwd file. You can then use the chroot command to launch netscape. :) On Tue, 3 Sep 2002, Jason A. Pattie wrote: > It would take a bit of work, but you may want to look into process-based > security projects, i.e., grsecurity, LIDS, Medusa DS9, LSM, etc.). This > would allow you to only allow those applications that explicitly need > access to files to be able to access them. So for example, the only > applications that need access to the /etc/passwd file are programs like > ls, ssh, passwd, etc. If you use grsecurity, for example, it has a > learn mode that will point you in the right direction for what files to > lock down and open up for a particular application. > > Hope that helps. > > Zoilo wrote: > > >On Tuesday 03 September 2002 17:51, John_Cuzzola wrote: > > > > > >>*** I'm not sure there is a way to stop it and even if there was there are > >>soooo many programs that would allow you to read /etc/passwd (basically > >>anything with a open file dialog). I wouldn't waste my time with > >>it. /etc/passwd has always been readable to the users (just make sure > >>/etc/shadow is not). > >> > >> > > > >Of course, I know that. > > > >But I am looking into a protected kiosk-environment with fully stripped IceWM > >window-manager; so there is nothing there to look around really, except for > >..... Netscape ! > > > >If I can stop Netscape (or another browser, don't care) from brwosing the > >filesystem, things get just a little nicer. > > > >Z. > > > > > >------------------------------------------------------- > >This sf.net email is sponsored by: OSDN - Tired of that same old > >cell phone? Get a new here for FREE! > >https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 > >_____________________________________________________________________ > >Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: > > https://lists.sourceforge.net/lists/listinfo/ltsp-discuss > >For additional LTSP help, try #ltsp channel on irc.openprojects.net > > > > > > > > > > ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.openprojects.net
