My opinion...if you are going to let someone do that you should create an environment you don't care about and block it from the resources you do care about with iptables...create a DMZ of sorts... Jon Pastore RHCE, President IDE Tech, Inc. (954) 360-0393 Office (954) 428-0442 Fax Public Key: http://www.idetech.net/keys/jpastore.asc -----Original Message----- From: security-discuss-bounce@xxxxxxxxxxxxxxxxx [mailto:security-discuss-bounce@xxxxxxxxxxxxxxxxx] On Behalf Of bruce Sent: Friday, December 05, 2003 11:13 AM To: security-discuss@xxxxxxxxxxxxxxxxx Subject: Security Issues/Questions... Hi.. Being relatively new to Linux, I have a few questions concerning security. If there is a better/more appropriate site, I'd appreciate being pointed in that direction... I'm looking at setting up a few machines to allow users to access the machines and perform development work on the machines. By development, I mean the ability to actually run various scripting languages (Perl/PHP/etc...) and the ability to actually build/compile/run their C/C++ apps.... The idea is to setup a system that provides the functionality of www.sourceforge.com as well as the ability to build/test the applications.... My question has to do with the problem of creating an environment that's reasonably secure. Is there a way/ways to create this kind of environment such that a user can essentially have his/her own space and not somehow screw up the system. Are there pointers that you can provide to give me a better high level understanding of what this kind of environment would entail... Basically, we do not want the "ruthless" user to be able to create havoc through not having the system secured properly, or from being able to create an app that would in turn caus havoc. I've done the Google thing and come across the concept of chroot/jail but I have a lot more questions... Thanks in advance for any help/assistance with this issue... Hey... If you live close to me, I'd even buy you lunch!!! Thanks Bruce Douglas bedouglas@xxxxxxxxxxxxx (925) 866-2790 ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message.
