Re: limitation of user a/c ( telnet service )

[edwardspl@xxxxxxxxxx]

Sam Varshavchik wrote:

edwardspl@xxxxxxxxxx writes:

竄 HTML content follows 罈
Les wrote:

On�Tue,�2007-02-06�at�23:06�+0800,�<URL:mailto:edwardspl@xxxxxxxxxx>edwar dspl@xxxxxxxxxx�wrote:
��

Dear�All,

How�can�we�limit�a�user�a/c�when�telnet�to�the�server�:
eg�:

[edward@svr1�~]$�ls�-l�-a
total�36
drwx------�3�edward�edward�4096�Feb��6�22:51�.
drwxr-xr-x�5�root���root���4096�Feb��6�22:50�..
-rw-------�1�edward�edward���14�Feb��6�22:52�.bash_history
-rw-r--r--�1�edward�edward���24�Feb��6�22:50�.bash_logout
-rw-r--r--�1�edward�edward��176�Feb��6�22:50�.bash_profile
-rw-r--r--�1�edward�edward��124�Feb��6�22:50�.bashrc
drwxr-xr-x�3�edward�edward�4096�Feb��6�22:50�.kde
-rw-r--r--�1�edward�edward��658�Feb��6�22:50�.zshrc
[edward@svr1�~]$

Prevent�user�"edward"�from�doing�the�following�:
modify�/�del�the�exiting�files�(�default�by�the�system�).

Allow�user�"edward"�create�/�del�/�modify�other�his�own�files�/�dirs.

Edward.
--�
����

Have�root�create�the�files�with�root�access,�then�put�the�world�read�and
execute�privilege�on�them.��Only�root�can�then�modify�them.

Regards,
Les�H

��

But when user "edward" login to the server by the telnet service, then he can modify the dot file...

1) No, he can't.  Not if the file is owned by root, with no other permissions.

2) If you allow telnet access, you have more problems to worry about.  Such as anyone with access to your local network, or your Internet provider's network, being able to capture your login passwords.

Sorry,

How can we limit a user a/c when telnet ( ssh-telnet ) to the server :
eg :

login as: edward
edward@xxxxxxxxxxx's password:
Last login: Wed Feb  7 11:56:44 2007
[edward@svr1 ~]$ ls -l -a
total 36
drwx------ 3 edward edward 4096 Feb  6 22:51 .
drwxr-xr-x 5 root   root   4096 Feb  6 22:50 ..
-rw------- 1 edward edward   45 Feb  6 23:09 .bash_history
-rw-r--r-- 1 edward edward   24 Feb  6 22:50 .bash_logout
-rw-r--r-- 1 edward edward  176 Feb  7 11:57 .bash_profile
-rw-r--r-- 1 edward edward  124 Feb  6 22:50 .bashrc
drwxr-xr-x 3 edward edward 4096 Feb  6 22:50 .kde
-rw-r--r-- 1 edward edward  658 Feb  6 22:50 .zshrc
[edward@svr1 ~]$

Prevent user "edward" from modifing / deleting the exiting ( dot ) files ( default by the system ).

Edward.