Nicolas George writes:
> - crontabs or atjobs that download instructions from the web;
Removing the user's crontab and any at jobs should do, after adding the
user to /etc/at.deny and /etc/cron.deny. IMO cron's a handy service but
you might still deny access to it by default.
Systemd stuff migh
On Sat, Feb 04, 2023 at 11:40:49AM +0100, Henning Follmann wrote:
> On Fri, Feb 03, 2023 at 04:27:06PM +0100, Nicolas George wrote:
> > Hi.
> >
> > When there is a suspicious access to a user account, we want to lock
> > this account until we made sure. So “:-:” in /etc/shadow and shell to
> > /bi
On Fri, Feb 03, 2023 at 04:27:06PM +0100, Nicolas George wrote:
> Hi.
>
> When there is a suspicious access to a user account, we want to lock
> this account until we made sure. So “:-:” in /etc/shadow and shell to
> /bin/false, and “sudo -u user kill -9 -1”.
>
> But, at least with the default co
On 2023-02-03 at 11:12, Greg Wooledge wrote:
> On Fri, Feb 03, 2023 at 04:27:06PM +0100, Nicolas George wrote:
>
>> - crontabs or atjobs that download instructions from the web;
>>
>> - .procmailrc or “|something” in .forward;
>>
>> - probably one or two mechanisms I forgot about.
> Any proces
On Fri, Feb 03, 2023 at 04:27:06PM +0100, Nicolas George wrote:
> - crontabs or atjobs that download instructions from the web;
>
> - .procmailrc or “|something” in .forward;
>
> - probably one or two mechanisms I forgot about.
systemd --user units and timers.
Any process currently running unde
Hi.
When there is a suspicious access to a user account, we want to lock
this account until we made sure. So “:-:” in /etc/shadow and shell to
/bin/false, and “sudo -u user kill -9 -1”.
But, at least with the default configuration, these will not block:
- crontabs or atjobs that download instruc
6 matches
Mail list logo
