services/Shell.md
... ...
@@ -9,33 +9,7 @@ Providers:
9 9
10 10
## Entropy shellbox
11 11
The Entropy shellbox runs a [Grsecurity](https://grsecurity.net/) secured kernel, along with various other hardening features such as [RBAC](https://en.wikipedia.org/wiki/Role-based_access_control) and some sysctl tweaks. It has an internal mail system which anyone can use to contact a shell user (`[user]@entropy.aix.ovh`). Mail is also accepted to shell users from external mail servers. Additionally, it has all of the [BlackArch tools](http://www.blackarch.org/tools.html) installed and available for everyone to use.
12
-To further enhance security, the ownership of various SUID executables and logs has been restricted to members of certain groups, which are nicely explained by the [MOTD](https://entropy.aix.ovh/shell/motd):
13
-```
14
- tpe: allows you to execute files not in root-owned
15
- directories writeable only by root
16
-
17
- nosock: cannot open any sockets
18
- noclisock: cannot open client sockets
19
- noservsock: cannot open server sockets
20
-
21
- viewproc: can see all processes on the system
22
-
23
- suid: can run `su`, `sudo`, `gpasswd` and `chage`
24
- usrsuid: can run `newgrp`, `chsh`, `chfn` and `at`
25
-
26
- share: can write to `/srv/share`
27
-
28
- snoop: can see users logged on to the system
29
- and their addresses
30
-
31
- msg: can run `wall` and `write`
32
-
33
- cron: can use the cron system
34
-
35
- volumes: can use `mount`, `umount` and `mount.nfs`
36
-
37
- audit: your activities are logged
38
-```
12
+To further enhance security, the ownership of various SUID executables and logs has been restricted to members of certain groups, which are nicely explained by the [MOTD](https://entropy.aix.ovh/shell/motd).
39 13
40 14
By default, users will be part of only `tpe` and `audit` groups (as well as their own) but may request to be added to other groups. Please note that only `execve()` and `chdir()` calls are logged as a result of a user's membership of the `audit` group.
41 15
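Review bot: The added line at new line 12 makes the MOTD link the only place the groups are defined, yet the unchanged paragraph right after it still says users start in `tpe` and `audit` and may request others, so the page no longer states what any of those groups permit. Consider keeping a one-line description of `tpe` and `audit` beside that paragraph (the removed block had `audit: your activities are logged`), and saying explicitly that the MOTD is the authoritative list, so the access model stays readable when the link is unreachable.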