[clug-talk] Best ways to secure a limited user account?
Curtis Sloan
curtis.sloan at shaw.ca
Thu Dec 9 17:51:34 PST 2004
Hi all,
I'm creating an account for my kids on my box. It is likely that security by
obscurity will probably work just fine (for a time), but it got me wondering:
what sorts of things should one include in a security checklist for setting
up limited access user accounts?
My first thought is to use a chroot jail. Is this an appropriate situation to
utilize one? I know they are typically used for remote access.
I would like to hear other ideas on general system security, or other
implementations as well (PAM, password shadowing, Linux security models,
Kerberos, etc.).
Here's another specific on which I would like to hear comments: I need to
keep the login/password and user environment simple so they can authenticate
and use their programs independent of my help. But I also want this
procedure/environment to be as locked down as possible. What are the best
ways of balancing security and accessibility in this case?
Thanks for your thoughts!
Sincerely,
Curtis S.
More information about the clug-talk
mailing list