[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] pam_limit.so question



Hello!

I want to restrict user rights but give users ssh access.
The users may use ssh, scp, sftp, but should not alter the server, if
someone doesn't know much about scripting and for securing the server to
possible kiddies with console-account.
I setup following:

/etc/security/limits.conf

@admin        -
@users          hard    priority        17
@users          hard    maxlogins       2
@users          hard    core            0
@users          hard    cpu             10
@users          hard    data            8196
@users          hard    fsize           8196
@users          hard    memlock         2048
@users          hard    nofile          64
@users          hard    nproc           8
@users          hard    rss             8196
@users          hard    stack           2048
@users          hard    as              16384

What setting is needed, what settings are O.K. and what makes working
impossibles canot be found in the manpage.

Is there a possibility to secure the server, that users in group users
cannot open socket without a kernel-patch?

Any hints?

Philippe


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here