At 6:33 PM +0000 1/3/07, Jim Douglas wrote: >I plan on allowing a user to remotely login to my linux box with a GUI. > >How can I best lockdown the system so the can't do any damage? > > >(I know there's a lot to do, links would be appreciated.) Give the user their own account, that's what user accounts are for. As long as you don't add them to any other groups, they'll only be able to muck about in their own home directory (and in any world-writable files on the system -- there won't be many). OK, they can also make files in /tmp, and try to exploit any unpatched security holes. -- ____________________________________________________________________ TonyN.:' <mailto:tonynelson@xxxxxxxxxxxxxxxxx> ' <http://www.georgeanelson.com/>
