On Fri, 2012-03-02 at 09:32 +0530, Bijoy Lobo wrote: > Hello Everyone, > > Is there a way where i can only assign a few binaries to user like, > "su -" "ls" ? I do not want him to access anything else from /bin > or /usr/local/bin
Maybe create a new groups "trusted" and do the following cd /bin chown root.trusted * chmod 750 * for ff in $ {TRUSTED_BIN_LIST} ; do chmod o=rx $ff ; done Then add trusted users to the rusted group and keep th non trusted users outside. You may also do the same for /usr/bin If your question is that you need to restrict only when using sudo, then see man sudo. If you need to give the untrusted users some restricted root rights, then you need to play with +s Cheers,
signature.asc
Description: This is a digitally signed message part