From owner-freebsd-stable@FreeBSD.ORG  Tue Mar 30 09:05:10 2004
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CEB8116A4CE
	for <freebsd-stable@freebsd.org>;
	Tue, 30 Mar 2004 09:05:10 -0800 (PST)
Received: from cp1.idleserv.net (cp1.idleserv.net [65.125.227.66])
	by mx1.FreeBSD.org (Postfix) with ESMTP id AF6AA43D2D
	for <freebsd-stable@freebsd.org>;
	Tue, 30 Mar 2004 09:05:10 -0800 (PST)
	(envelope-from lag@ipwatchers.net)
Received: from pcp04387731pcs.tmsrvo01.nj.comcast.net ([68.37.68.161]
	helo=skynet)	by cp1.idleserv.net with smtp (Exim 4.24)
	id 1B8Mfj-0006il-5O
	for freebsd-stable@freebsd.org; Tue, 30 Mar 2004 12:05:07 -0500
Message-ID: <006201c41679$7a49d750$0201a8c0@skynet>
From: <lag@ipwatchers.net>
To: <freebsd-stable@freebsd.org>
References: <freemail.20040229135806.1927@fm11.freemail.hu>
	<20040329182339.431e9e5b@bogomips.optonline.net>
Date: Tue, 30 Mar 2004 12:07:26 -0500
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
X-AntiAbuse: This header was added to track abuse, please include it with any
	abuse report
X-AntiAbuse: Primary Hostname - cp1.idleserv.net
X-AntiAbuse: Original Domain - freebsd.org
X-AntiAbuse: Originator/Caller UID/GID - [0 0] / [47 12]
X-AntiAbuse: Sender Address Domain - ipwatchers.net
Subject: Re: Security related questions
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Production branch of FreeBSD source code
	<freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Mar 2004 17:05:11 -0000

could anyone explain some examples of setting up a restricted group for
limiting users?  using chmod and chown.. i've had a little luck, but not
overall.
----- Original Message ----- 
From: "Marc Spitzer" <mspitze1@optonline.net>
To: <freebsd-stable@freebsd.org>
Sent: Monday, March 29, 2004 6:23 PM
Subject: Re: Security related questions


On Mon, 29 Mar 2004 13:58:06 +0200 (CEST)
Kovács Péter <kovacspeter2@freemail.hu> wrote:

> Hi all,
>
> I have some FreeBSD specific questions, that I can't solve.
>
> 1. How can I set a user profile to execute only specific
> commands/programs? Like in Trusted Solaris: Execution Profiles.

There is a project for this, at least 1, but the name escapes me
at the moment.  I saw it on sourceforge

>
> 2. How can I grant access to a file only for a specific
> user. For example I have a job.txt file. This file is in my
> home directory and I want this file to be read by the user:
> james (only).

man chmod and chown.  Possable set up a special group for him.

marc

>
> Thanks,
> Peter