Jude DaShiell wrote:
> Those aliases need to be put in your .bash_profile file. That's the file
> that sets things up on interactive logins. The .bashrc file is for
> non-interactive logins. If you want to disable scp and sftp access for
> shell users of your machine all you need do is put a command in each
> account's .
Thanks. Still getting used to BSD's way of doing things. I used
group access for specific task types I want restricted, like access to
the mailx command, which makes a wondermous spammers tool. Also changed
the names of commands like attrib and used it to lock down programs,
keeping root kits guessing and less effective. What I really would've
liked to do is set up the security protocols to require that executables
also have attrib's indestructible bit set in order to run, and then
re-write attrib so that it could only be run from the local keyboard.
It could be used to set up a virus/worm proof system if they can't
upload and run anything without root permission. Just don't break
attrib or you'll have to reset the security protocols. from a bootup disk.
Michael
