Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

need to restrict program exec and running

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers need to restrict program exec and running
Prev   Next
# 1  
Old 09-15-2002
need to restrict program exec and running
I'm on Freebsd 4.5 stable, havin question of that kind:
I need to restrict programs running, like BitchX for example, which can be dowlnoaded by logged on user, and i cant set permissions to all users to prevent that program from executing. And ipfw doesnt help me because of i need to allow that user connect those ports. Any suggestions ? thx.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Programming

Simple shell running with exec family

# Erroneous question, so can be removed. (0 Replies)
Discussion started by: beginnerboy
0 Replies

2. UNIX for Dummies Questions & Answers

How to restrict the execution of same script if it is running already in nohup?

Hi, How can i restrict the execution of same script if it is running already in nohup Thanks (1 Reply)
Discussion started by: ranabhavish
1 Replies

3. Shell Programming and Scripting

Script Variables Inquiry, Values Okay in Standalone Exec, No-Show in Cron Exec

I have the following bash script lines in a file named test.sh. #!/bin/bash # # Write Date to cron.log # echo "Begin SSI Load $(date +%d%b%y_%T)" # # Get the latest rates file for processing. # d=$(ls -tr /rms/data/ssi | grep -v "processed" | tail -n 1) filename=$d export filename... (3 Replies)
Discussion started by: ginowms
3 Replies

4. Shell Programming and Scripting

How to restrict root user from running some commands

is it possible that we can restrict the root user if he runs some commands?? e.g i want if root runs command 'rm etc/passwd', he shoudn't be able to run command and throws error :confused: (3 Replies)
Discussion started by: sheelsadan
3 Replies

5. Shell Programming and Scripting

How to restrict running one instance of scp at any time in fsniper

How to restrict running one instance of scp at any time? (2 Replies)
Discussion started by: proactiveaditya
2 Replies

6. Programming

How forbid use fork() in exec() program.

Hello World! I am writing code in C++ which have to launch another application X using exec(). I would like to set some limits on it using setrlimit etc... My problem is that i don't know how to forbid using fork() and strlimit by application X. How can i do it? (3 Replies)
Discussion started by: kzi
3 Replies

7. Shell Programming and Scripting

Help with Running More than One Program

Folks, I'm really new to scripting and was wondering if you could help me out. I have the following script that I inherited: #!/bin/bash # # Usage # From the agent directory: # ./run-any-agent AgentName # TAC_AGENT_HOME=`pwd` LIB=${TAC_AGENT_HOME}/lib CLASSPATH=.... (17 Replies)
Discussion started by: DTriniWay
17 Replies

8. UNIX for Dummies Questions & Answers

How to run two commands from a exec call in a c program

Hi, I have to run two commands one after another from a c program. How can i do this with exec system calls. i tried giving them as argument to execv but it is not working.please help thanks (3 Replies)
Discussion started by: suryashikha
3 Replies

9. UNIX for Dummies Questions & Answers

Running a program

Hi.Iam new to Linux.i got linux 7.0 pro and dont know how to run programs. I want a perl interputer and i know i installed one but how do i run it ??? Also how do i run a C or C++ editor ?and how do i run cron ? (3 Replies)
Discussion started by: perleo
3 Replies

10. Shell Programming and Scripting

Running a program automatically

How can I make a program run automatically at a certain time of day? My problem is I need to make a small backup program that will back up a few files every day? (3 Replies)
Discussion started by: jvadn0
3 Replies
Login or Register to Ask a Question

LEARN ABOUT CENTOS

smrsh

SMRSH(8)						      System Manager's Manual							  SMRSH(8)

NAME

       smrsh - restricted shell for sendmail

SYNOPSIS

       smrsh -c command

DESCRIPTION

       The smrsh program is intended as a replacement for sh for use in the ``prog'' mailer in sendmail(8) configuration files.  It sharply limits
       the commands that can be run using the ``|program'' syntax of sendmail in order to improve the over all security of your system.   Briefly,
       even  if  a  ``bad guy'' can get sendmail to run a program without going through an alias or forward file, smrsh limits the set of programs
       that he or she can execute.

       Briefly, smrsh limits programs to be in a single directory, by default /etc/smrsh, allowing the system administrator to choose the  set	of
       acceptable  commands, and to the shell builtin commands ``exec'', ``exit'', and ``echo''.  It also rejects any commands with the characters
       ``', `<', `>', `;', `$', `(', `)', `
' (carriage return), or `
' (newline) on the command line to prevent ``end run'' attacks.  It allows
       ``||'' and ``&&'' to enable commands like: ``"|exec /usr/local/bin/filter || exit 75"''

       Initial	pathnames  on programs are stripped, so forwarding to ``/usr/ucb/vacation'', ``/usr/bin/vacation'', ``/home/server/mydir/bin/vaca-
       tion'', and ``vacation'' all actually forward to ``/etc/smrsh/vacation''.

       System administrators should be conservative about populating the /etc/smrsh directory.	For  example,  a  reasonable  additions  is  vaca-
       tion(1),  and  the  like.   No  matter  how  brow-beaten you may be, never include any shell or shell-like program (such as perl(1)) in the
       /etc/smrsh directory.  Note that this does not restrict the use of shell or perl scripts in the sm.bin directory (using the ``#!'' syntax);
       it  simply  disallows  execution  of  arbitrary	programs.  Also, including mail filtering programs such as procmail(1) is a very bad idea.
       procmail(1) allows users to run arbitrary programs in their procmailrc(5).

FILES

       /etc/smrsh - directory for restricted programs

SEE ALSO

       sendmail(8)

							   $Date: 2004/08/06 03:55:35 $ 						  SMRSH(8)