-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 26 Feb 2002, Sematimba Noah Kevin wrote:
> remember to make sure that the users /home/$user/.profile is restricted > either root i.e owner root permissions 0700, or set to immutable with > chattr +i Yes, that goes pretty much with out saying... I think that is better to use the chattr +i option rather than the 0700 mode as the user might be able to delete this file otherwise. I have had enterprising users get vim or other binaries from other machines onto the machine where they were given a restricted shell and they used it exit the restricted shell. A restricted shell is a tricky thing.. An experienced user get out of it inspite of all your precautions. So be warned... :) Regards Dhar -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8e8zluQMMKXqy0FoRAuONAJ9lXmKDnfRn8mycsWJcO03Z/NpmeACgxZTW 26baqAK7Fi3KeuBdj5Xxb3g= =J91m -----END PGP SIGNATURE-----
