From owner-freebsd-hackers@FreeBSD.ORG Tue Mar 1 20:31:18 2005 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DC7BB16A4CE for ; Tue, 1 Mar 2005 20:31:18 +0000 (GMT) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.185]) by mx1.FreeBSD.org (Postfix) with ESMTP id 677D743D1D for ; Tue, 1 Mar 2005 20:31:18 +0000 (GMT) (envelope-from max@love2party.net) Received: from [212.227.126.162] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1D6E1V-0003oa-00; Tue, 01 Mar 2005 21:31:17 +0100 Received: from [84.128.137.157] (helo=donor.laier.local) by mrelayng.kundenserver.de with asmtp (TLSv1:RC4-MD5:128) (Exim 3.35 #1) id 1D6E1V-0005Nk-00; Tue, 01 Mar 2005 21:31:17 +0100 From: Max Laier To: freebsd-hackers@freebsd.org Date: Tue, 1 Mar 2005 21:31:07 +0100 User-Agent: KMail/1.7.2 References: <4224CF06.7060103@comcast.net> In-Reply-To: <4224CF06.7060103@comcast.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart277483390.gHWZcVMIyF"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200503012131.15528.max@love2party.net> X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:61c499deaeeba3ba5be80f48ecc83056 cc: Matt Subject: Re: retricted environment X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Mar 2005 20:31:19 -0000 --nextPart277483390.gHWZcVMIyF Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Tuesday 01 March 2005 21:22, Matt wrote: > When providing a shell environment for a larger number of users, what is > the best way to retrict access to commands/resources? I've already > setup quotas. I don't want users playing with system commands. I've > read something about a retricted shell, but can't find any details. I am not sure a restricted shell is the best sollution for interactive setu= ps,=20 but one is availale from src/contrib/sendmail/smrsh. See README for usage= =20 and build information. This, however, is more a thing for cvs-wrappers or= =20 stuff like that. =46or interactive environments you can use the normal group/user permission= s and=20 of course jail(8)s. =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --nextPart277483390.gHWZcVMIyF Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQBCJNETXyyEoT62BG0RAjJwAJ4zj0sU7JYWJ5Y5aFsp2YlsmKnlegCdH0sF dtygorzTmqigFJ0SrHReAuk= =MueK -----END PGP SIGNATURE----- --nextPart277483390.gHWZcVMIyF--