You are not logged in.
Hi!
I would like to disable some sites using e.g. iptables to any user, and also to make enabling them hard. The problem is that if a user knows root password, he/she can stop the iptables daemon. Is there any way how to do this?
Thank you free software developers for sharing your work.
Offline
By the time you go through this much hassle, if they use a proxy all your work will be for nothing too.
Offline
Don't give him root acces.
Offline
Don't give him root acces.
Yes, that would be the best solution, but one of the users is me I'm thinking about it because I don't want to loose time that way anymore, I need and want to study more and do more useful things. One, but not very effective solution is to add long time delay to the /etc/rc.d/iptables script. And a primitive deletion prevention would be to add it multiple times in different places in the script.
Last edited by no4 (2007-02-11 21:27:49)
Thank you free software developers for sharing your work.
Offline
If you give someone root access - you make him the administrator.
But administrator knows which sites he wants to block, and knows better than you, isn't it? :))
Root can anything. therefe, you cannot prevent him from unblockung. Use proxy-server, says, squid on dedicated machine.
Do not give root password to anybody. Maybe, even to yourself. :)
Last edited by cute_dog (2007-02-12 10:26:56)
Offline
yeh i'd go with something liek what cute_dog suggested ...
say you have a router ...
you can reset it right? but it takes some effort..
so just block whatever sites through the router configs.. then change it's password to something random. done.
The.Revolution.Is.Coming - - To fight, To hunger, To Resist!
Offline