Date: Tue, 01 Mar 2005 13:01:36 -0800 From: Matt <mhersant@comcast.net> Cc: freebsd-hackers@freebsd.org Subject: Re: retricted environment Message-ID: <4224D830.4080401@comcast.net> In-Reply-To: <200503012131.15528.max@love2party.net> References: <4224CF06.7060103@comcast.net> <200503012131.15528.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Max Laier wrote: >On Tuesday 01 March 2005 21:22, Matt wrote: > > >>When providing a shell environment for a larger number of users, what is >>the best way to retrict access to commands/resources? I've already >>setup quotas. I don't want users playing with system commands. I've >>read something about a retricted shell, but can't find any details. >> >> > >I am not sure a restricted shell is the best sollution for interactive setups, >but one is availale from src/contrib/sendmail/smrsh. See README for usage >and build information. This, however, is more a thing for cvs-wrappers or >stuff like that. > >For interactive environments you can use the normal group/user permissions and >of course jail(8)s. > > > Thanks, I'll look at that. To allow retricted access using groups/users, is the normal procedure to remote o+rwx permissions from the selected commands/directories? Hmm. I thought the kernel secure level setting which helped restrict users. I've much to learn.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4224D830.4080401>