Re: UnixWare

der Mouse (mouse@collatz.mcrcim.mcgill.edu)
Wed, 27 Apr 1994 11:36:05 -0400

> Also, is there a way to block people running FSP without blocking all
> udp packets or relying on blocking udp to certain ports?  I may not
> be around full-time on this system, so it is conceivable for a user
> to set up their own fsp server in their home dir and not have me
> notice it for a few weeks or so.

Why would you _want_ to block that?  That doesn't put your system at
any more risk than it already is by allowing said user connectivity to
the world of any sort, as far as I can see.

Unless you have some users connecting via, say, dialup, that you want
to restrict from all network access of any sort; in this case, the only
effective measures I can see are either (a) a sufficiently restricted
environment that they can't import arbitrary programs or (b) having the
kernel refuse network services to them unconditionally.

					der Mouse

			    mouse@collatz.mcrcim.mcgill.edu