[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] taking away admin's shell access
- Subject: Re: [cobalt-security] taking away admin's shell access
- From: Martin Moeller <martin@xxxxxxx>
- Date: Wed, 4 Oct 2000 09:17:08 +0200 (CEST)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Diana,
Try altering admin's shell to /bin/badsh in /etc/passwd. Just be sure to
test the web interface before logging out ;).
Normally the shell will be set to /bin/bash. /bin/badsh is Cobalts way of
disallowing people access which gives a nice little blurb about no shell
access if they try. That *ought* to do it, as long as the web interface
does not need admin shell access...
Regards,
/Martin Moeller.
On Tue, 3 Oct 2000, Diana Brake wrote:
> Hi,
>
> Can anyone tell me how to take away the "admin" user shell access? After a
> particulary concerted effort to break into my system, I'm trying to further
> secure things, and I wish to remove shell access for any ID that might
> possibly be associated with the Cobalt system. There doesn't seem to be a
> "checkbox" for denying admin this right. Is there some way to do this
> through the shell? If so, explicite directions would be appreciated.
>
> Realizing that I do need access, I've already created a user that will have
> no use except to be the shell user..and this user is able to su to
> root...tested and retested..:)
>
> thanks,
> Diana Brake
> Crest Communications, Inc. diana@xxxxxxxxxxxxx
> Beautiful Sunny Florida http://crestcommunications.com/
> 352-495-9359, 425-732-9785 fax
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>