On Fri, 2012-03-02 at 09:32 +0530, Bijoy Lobo wrote: > Hello Everyone, > > Is there a way where i can only assign a few binaries to user like, > "su -" "ls" ? I do not want him to access anything else from /bin > or /usr/local/bin
Maybe create a new groups "trusted" and do the following
cd /bin
chown root.trusted *
chmod 750 *
for ff in $ {TRUSTED_BIN_LIST} ; do chmod o=rx $ff ; done
Then add trusted users to the rusted group and keep th non trusted users
outside.
You may also do the same for /usr/bin
If your question is that you need to restrict only when using sudo, then
see man sudo.
If you need to give the untrusted users some restricted root rights,
then you need to play with +s
Cheers,
signature.asc
Description: This is a digitally signed message part
