FreeBSD and User Security
Frank Shute
frank at shute.org.uk
Thu Jun 12 15:20:43 UTC 2008
On Wed, Jun 11, 2008 at 10:25:32PM +0200, David Naylor wrote:
>
> Hi All,
>
> Today I read an article describing how my government had lost ZAR200 000 000
> from fraud. This is just under $25 000 000. The article credited this loss
> largely due to the use of spyware.
>
> My question is how secure is FreeBSD (including KDE, GNOME and XFCE) to
> attacks, including cracking and spyware. In addition, is there anyway to
> prevent a user from executing a program that is not owned by root (i.e. any
> program installed by the user), this would prevent spyware being installed
> (assuming root has been properly locked down) and subsequently run.
>
> If anyone, in addition, has answers for Linux and *BSD it would be great to
> know as well.
You might want to have a look at using a restricted shell for users.
I know bash & pdksh have a restricted mode. A quick look at the
manpages for sh & csh suggests they don't. Bash and pdksh are in
ports.
Can't tell you which is best as I haven't used either in restricted
mode.
>
> Best Regards
>
> David
Regards,
--
Frank
Contact info: http://www.shute.org.uk/misc/contact.html
More information about the freebsd-questions
mailing list