[nycbug-talk] A couple of security related questions
Tue Oct 5 09:39:39 EDT 2004
On Oct 4, 2004, at 2:09 PM, Dru wrote:
> On Mon, 4 Oct 2004, Steve Rieger wrote:
>>> On Mon, 4 Oct 2004, Steve Rieger wrote:
>>>> Is it possible to disable root access except from console logins,
>>>> Do you guys recommend putting rcs on /etc and /sbin etc...
>>> I think you're looking for "man 5 login.access". Michael Lucas wrote
>>> a bit
>>> about it here:
>>> It's also in hack #34 of BSD Hacks ;-)
>>> I'm not sure what you're asking about with "rcs"... Are you
>>> referring to
>>> some sort of tripwire database or tightening up permissions?
>> With rcs, I want that in order for anybody to be able change any file
>> settings in /etc/and the sbin's they would have to check it out with
>> I just want to know if this is advisable or is there a better way ti
>> a backup copy everytime somebody wants to make any change in the /etc
> That's a cool idea. Anyone either implementing this or seen it
> implemented out in the wild?
I set something similar up at an ISP I worked for. We used CVS to
manage changes made to all configuration files dealing with web
hosting. So when a customer added features to their hosting package,
say they wanted a static IP, a script would be run that would update
the files and check it back in to CVS. Before I left, we had planned
to managed our DNS servers in a similar fashion. Made for an excellent
way to track changes or any typos that might pop up.
Village Community School
More information about the talk