On Thu, Oct 09, 2003 at 02:20:56PM +0800, Ivy Cabeza wrote: > hello people, > i'm tasked to permit users to login to a certain server via ssh2 but i > need to limit the user's access to a certain application. i've heard > sudo and chroot do something like this... chroot virtually alters the > topmost directory of a particular user; sudo permits ordinary users to > execute admin commands. > i want to hide some directories but let the user execute a command that > needs to "see" the normal directory structure of the system. is this > possible?
AFAIK, no, unless you are willing to go so far as installing some highly intrusive kernel patches like LIDS. What you're talking about can't accomplish what you want to happen. Sudo will not allow you to break out of a chroot jail, not even a setuid root process should be able to do this. Allowing that defeats the purpose of having a chroot jail in the first place. If you want to provide restrictions on what certain users can do, your best bet would be to make their shell a restricted one. Read the manual page for bash for information on how to do this. -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
