Claude M. Schrader on 1 Oct 2010 13:22:33 -0700



Re: [PLUG] Blocking A Program From Running


On 16:12 Fri 01 Oct     , Matt Mossholder wrote:
>    On Fri, Oct 1, 2010 at 4:06 PM, Claude M. Schrader
>    <plug@claudeschrader.com> wrote:
> 
>      I'm not sure there's any way really to prevent it from running, without
>      getting into the murky depths of SELinux, but the killall command in
>      cron would be easy, and effective
>      Claude
> 
>     
>    Even that is easy to get around by renaming the program.  Unless you are
>    willing to go to some lengths to lock down the user's home directory (e.g.
>    no executables in the home dir or temp directories, etc.) plus a boat load
>    of other stuff.
>    It would probably be a LOT easier and more effective to deal with it as an
>    HR or related issue.
>         --Matt


You could always break /home off into its own LVM chunk and mount it and
/tmp as noexec. You would need to lock down thumb drives too, but they may
eventually run out of places to run it from if permissions on other
directories are locked down.

But yeah, by far the best way to deal with this is administratively.
Claude
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
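
The noexec suggestion in the message above can be checked with a short script; this is an added example, not part of the original thread. It reads a mount table in /proc/mounts format and reports which of the given paths still allow execution. The function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit user-writable paths for the noexec mount option.
# Mount table format (as in /proc/mounts):
#   device mountpoint fstype options dump pass

# check_noexec MOUNTS_FILE PATH...
# Prints one line per path:
#   "<path> noexec"       mounted with noexec
#   "<path> EXEC"         its own mount, but execution is allowed
#   "<path> NOT-A-MOUNT"  not a separate filesystem, so it inherits the
#                         parent's options and cannot be noexec by itself
check_noexec() {
    mounts_file=$1
    shift
    for mp in "$@"; do
        # The last matching entry wins: later mounts shadow earlier ones.
        opts=$(awk -v mp="$mp" '$2 == mp { o = $4 } END { print o }' "$mounts_file")
        if [ -z "$opts" ]; then
            echo "$mp NOT-A-MOUNT"
        else
            # Wrap in commas so "noexec" only matches as a whole option.
            case ",$opts," in
                *,noexec,*) echo "$mp noexec" ;;
                *)          echo "$mp EXEC" ;;
            esac
        fi
    done
}

# count_failures MOUNTS_FILE PATH...
# Prints how many of the paths still allow execution.
count_failures() {
    check_noexec "$@" | awk '$2 != "noexec" { n++ } END { print n + 0 }'
}

# Constructed sample mount table: /home is split out and noexec,
# /tmp is a tmpfs without noexec, /var/tmp is not a separate mount.
sample=$(mktemp)
cat > "$sample" <<'EOF'
/dev/mapper/vg0-root / ext4 rw,relatime 0 0
/dev/mapper/vg0-home /home ext4 rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
EOF

check_noexec "$sample" /home /tmp /var/tmp
```

On a live system, pass /proc/mounts as the first argument and add any removable-media mount points to the path list.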