> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Stuart Henderson > Sent: Wednesday, September 07, 2005 12:13 PM > To: Misc OpenBSD > Subject: Re: Shell account cgi script > > --On 07 September 2005 10:40 -0500, L. V. Lammert wrote: > > > There are always ways, .. but I would not consider recommending such > > sophisticated solutions for the basic user level of this poster. > > If it's necessary to ask questions of this nature, perhaps running a > server automatically handing out shell accounts to unknown users > signing up from a website might result in some Interesting experiences.
Perhaps the OpenBSD community can at least come up with some general hints for people who wish to use OpenBSD for hosting shell accounts. Protecting a server from inside attacks is much harder, but I think OpenBSD is a good platform for this purpose. Login classes, pf user and group limits, and systrace provide a powerful set of tools for allowing untrusted shell accounts. If anyone has experience setting up these tools in a hosted shell account environment, perhaps you could give some hints. Personally, I wouldn't give shell access to someone I don't know and trust, but if I had to, is seems that OpenBSD would be a good choice.
