I plan on allowing a user to remotely login to my Linux box with a GUI.
How can I best lock down the system so they can't do any damage?
(I know there's a lot to do, links would be appreciated.)
Thanks, Jim
Jim Douglas wrote:
> I plan on allowing a user to remotely login to my Linux box with a GUI.
> How can I best lock down the system so they can't do any damage?
> (I know there's a lot to do, links would be appreciated.)
Please define "so they can't do any damage". One possibility is to make them run with a restricted shell. Another is to provide your own shell. Another might be to make them run in a chroot environment. What are you trying to protect against? Until you answer that question, you cannot take steps to prevent "damage". So, define "damage", and then you can take steps. Also, ask yourself "How much effort and money am I willing to spend?"
Mike
At 6:33 PM +0000 1/3/07, Jim Douglas wrote:
> I plan on allowing a user to remotely login to my Linux box with a GUI.
> How can I best lock down the system so they can't do any damage?
> (I know there's a lot to do, links would be appreciated.)
Give the user their own account, that's what user accounts are for. As long as you don't add them to any other groups, they'll only be able to muck about in their own home directory (and in any world-writable files on the system -- there won't be many). OK, they can also make files in /tmp, and try to exploit any unpatched security holes.
> I plan on allowing a user to remotely login to my Linux box with a GUI.
> How can I best lock down the system so they can't do any damage?
> (I know there's a lot to do, links would be appreciated.)
A good start would be to:
Mount /tmp /var and /usr/local as noexec and nosuid.
Tune SELinux or go through the pain of installing something easier to understand like RSBAC (http://www.rsbac.org/).
If the machine is not a mail server, be sure that Sendmail/Postfix is configured to only send mail to/from the localhost. This greatly depends on what other users will be using this machine of course.
Lock down your outgoing ports as well as the incoming on your firewall (hopefully not the same machine).
Disable the FTP server or better yet, remove the package altogether.
That's all I can think of at the moment. A better understanding of what the user will be expected to do would make it much easier.
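The first item in the list above (mount /tmp, /var and /usr/local noexec and nosuid) is easy to get wrong silently, so here is an added check script, written for this thread rather than taken from any poster. It reads /proc/mounts-format lines from stdin and reports which of those three mount points lack either option or are not separate mounts at all; the sample mount table is constructed, not captured from a real system.

```sh
#!/bin/sh
# Added example: verify noexec/nosuid on the mount points named in the post.
# Reads /proc/mounts-style lines (device mountpoint fstype options dump pass)
# from stdin, so it can be run as:  check_mounts < /proc/mounts

# Constructed sample mount table (hypothetical devices, not a real system).
SAMPLE='/dev/sda1 / ext3 rw 0 0
/dev/sda2 /tmp ext3 rw,noexec,nosuid 0 0
/dev/sda3 /var ext3 rw 0 0
/dev/sda4 /usr/local ext3 rw,nosuid 0 0'

# Prints one line per problem ("<mountpoint> missing <option>" or
# "<mountpoint> not a separate mount") and returns 1 if anything was
# reported, 0 if all three mount points carry both options.
check_mounts() {
    input=$(cat)            # slurp stdin once; the loop reuses it
    rc=0
    for mp in /tmp /var /usr/local; do
        # options field (4th column) of the first line whose mountpoint matches
        opts=$(printf '%s\n' "$input" | awk -v m="$mp" '$2 == m { print $4; exit }')
        if [ -z "$opts" ]; then
            # noexec/nosuid are per-filesystem, so a directory living on the
            # root filesystem cannot be given them without its own mount
            echo "$mp not a separate mount"
            rc=1
            continue
        fi
        for want in noexec nosuid; do
            case ",$opts," in
                *,"$want",*) ;;                       # option present
                *) echo "$mp missing $want"; rc=1 ;;  # option absent
            esac
        done
    done
    return $rc
}

# Demo run against the constructed sample.
printf '%s\n' "$SAMPLE" | check_mounts || echo "some mount points need attention"
```

A matching /etc/fstab entry would add the options to the fourth column, e.g. `defaults,noexec,nosuid`, after which a remount applies them.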