Re: Locking Down a Linux Box

From: ellipse (elliptic@cipherpunks.com)
Date: 01/07/02


Date: Mon, 7 Jan 2002 08:39:21 -0700 (MST)
From: ellipse <elliptic@cipherpunks.com>
To: egrejda@medebiz.net


> True - look at the rootkits that include copies of pico.

Even without pico, vi, emacs, or cat for that matter, the only way to
ensure that a local user couldn't edit files would be to pull down the
source of a shell, remove the "echo" functionality, remove redirects, and
alter the ability of pipes to only permit piping between certain commands.

Of course, what you have left of UNIX, or an operating system for that
matter, is subject to anybody's wildest guess.

ellipse