flybywire

Reputation: 273922

Blocking access to network services for a user in Linux

Is it possible to give a user an account on a Linux machine while blocking his access to network services (say, don't let him open TCP connections to port 80 on the internet)?

I know a firewall can do this, but I would like something in the Unix philosophy (everything is a file). Perhaps there is somewhere a file that represents port 80 or something like that?

Upvotes: 1

Views: 748

Answers (1)

Jan Jungnickel

Reputation: 2114

No, this specific scenario requires a packet filter (namely iptables) on the local machine, using the --uid-owner or --gid-owner conditions.

Untested:

iptables -t filter -A OUTPUT -p tcp --dport 80 -m owner --uid-owner 100 -j REJECT

Upvotes: 7
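
The owner-match rule from the answer above, extended to several ports and to IPv6 (an iptables rule alone leaves ip6tables traffic unfiltered). This is an added example, not part of the original answer; the function names add_rule and block_user_ports and the sample UID and ports are assumptions. It only prints the commands unless APPLY=1 is set and it runs as root.

```shell
#!/bin/sh
# Added example: per-user outbound TCP port block using the iptables owner match.
# Dry run by default (prints commands); APPLY=1 as root installs the rules.
# Look up the numeric UID of an account with: id -u NAME

# add_rule BIN ARGS...: append ARGS to the OUTPUT chain of BIN
# (iptables or ip6tables) unless an identical rule is already present.
add_rule() {
    bin=$1; shift
    if [ "${APPLY:-0}" = "1" ]; then
        "$bin" -C OUTPUT "$@" 2>/dev/null || "$bin" -A OUTPUT "$@"
    else
        echo "$bin -A OUTPUT $*"
    fi
}

# block_user_ports UID PORT...: reject outbound TCP to each PORT for
# processes owned by UID, on both IPv4 and IPv6.
block_user_ports() {
    uid=$1
    case $uid in
        ''|*[!0-9]*) echo "uid must be numeric" >&2; return 2 ;;
    esac
    shift
    [ $# -gt 0 ] || { echo "need at least one port" >&2; return 2; }
    for port in "$@"; do
        case $port in
            ''|*[!0-9]*) echo "bad port: $port" >&2; return 2 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range: $port" >&2; return 2
        fi
    done
    for fam in iptables ip6tables; do
        for port in "$@"; do
            # -p tcp is required before --dport; -m owner loads the owner match.
            add_rule "$fam" -p tcp --dport "$port" \
                -m owner --uid-owner "$uid" -j REJECT || return 1
        done
    done
}

# Constructed sample: UID 100 (as in the answer), ports 80 and 443.
block_user_ports 100 80 443
```

The owner match applies only to locally generated packets, so the rules belong in the OUTPUT chain as shown.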
