keeping non-root user out of Perlbal mgmt

Andrew Sweger andrew at sweger.net
Thu Feb 14 21:25:36 UTC 2008


This isn't really a security solution. But if you're stuck running Perlbal
on a machine that has to have non-root users with shell access and you
want to keep them from using "telnet localhost 60000" (or whatever), the
following might help:

iptables -A OUTPUT -s 127.0.0.1 -d 127.0.0.1 -p tcp \
  --dport 60000 -m owner ! --uid-owner root -j REJECT

-- 
Andrew B. Sweger -- The great thing about multitasking is that several
                                things can go wrong at once.



More information about the perlbal mailing list