Date: 13 Jan 2004 21:04:04 -0500 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: freebsd-questions@freebsd.org Subject: Re: binary execute restrictions Message-ID: <444quzs2uj.fsf@be-well.ilk.org> In-Reply-To: <0D7DAA44-4615-11D8-AA98-003065ABFD92@mac.com> References: <000d01c3d980$5521b6e0$5858269e@JANELLE> <0D7DAA44-4615-11D8-AA98-003065ABFD92@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Charles Swiger <cswiger@mac.com> writes: > On Jan 12, 2004, at 9:52 PM, Jefferson San Juan wrote: > > How do I restrict normal users from executing their own compiled > > executable > > binary files? > > Give them a "restricted shell" which limits the commands they can run > to ones you specify. See "man zshall" for one example, although other > restricted shells exist which might come closer to what you want than > ZSH particularly: I suspect that a restricted shell isn't going to be appropriate in this case. Restricted shells are useful for avoiding shooting yourself in the foot, but they're really not intended to be secure.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?444quzs2uj.fsf>