Some Unix variants have had a shell called restricted_shell
(usually given the helpful name rsh). I don't recall ever
seeing a version for Linux, but a description can be found
here: http://gsbjfb.uchicago.edu/man/man1m/rsh.html
"Randolph K. Zeitvogel" wrote:
>
> Adrian,
>
> There used to be a tiny shell or secure shell program that was used by
> dial-in providers to limit the commands that a user had access to. I
> don't know where to find it off the top of my head, but that is one
> option.
>
> The other would be to create a unique .profile or .cshrc depending on the
> shell you are using that lives in the user's directory and is owned and
> writeable only by root. In the file you would override all of the default
> settings from the system wide file and allow access to one directory
> that would contain copies of the programs you want that person to be able
> to execute. Not as secure as the first option, but it would work. I
> would also place this person in a unique group and work the permissions on
> the other files and directories in the machine to further increase
> security. Finally, you would have to make their home directory read-only
> for them preventing them from storing and launching a program from that
> directory.
>
> /tmp is a much tougher problem, something that the tiny shell I mentioned
> before could solve. Now that I think about it, you could alias 'cd' to do
> nothing or echo a trite phrase.
>
> Randy Zeitvogel
>
> On Fri, 17 Mar 2000, Adrian Walters wrote:
>
> > is there anyway that i can stop a user from running programs from their
> > directory or /tmp? without disabling this for every user?
--
Rob Saul
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
