Adrian,
There used to be a tiny shell or secure shell program that was used by
dial-in providers to limit the commands that a user had access to. I
don't know where to find it off the top of my head, but that is one
option.
The other would be to create a unique .profile or .cshrc depending on the
shell you are using that lives in the user's directory and is owned and
writeable only by root. In the file you would override all of the default
settings from the system wide file and allow access to one directory
that would contain copies of the programs you want that person to be able
to execute. Not as secure as the first option, but it would work. I
would also place this person in a unique group and work the permissions on
the other files and directories in the machine to further increase
security. Finally, you would have to make their home directory read-only
for them preventing them from storing and launching a program from that
directory.
/tmp is a much tougher problem, something that the tiny shell I mentioned
before could solve. Now that I think about it, you could alias 'cd' to do
nothing or echo a trite phrase.
Randy Zeitvogel
On Fri, 17 Mar 2000, Adrian Walters wrote:
> is there anyway that i can stop a user from running programs from their
> directory or /tmp? without disabling this for every user?
>
>
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
>
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
