Date: Wed, 2 Mar 2005 13:46:38 -0500 (EST) From: c0ldbyte <c0ldbyte@myrealbox.com> To: Matt <mhersant@comcast.net> Cc: freebsd-hackers@freebsd.org Subject: Re: retricted environment Message-ID: <20050302134039.G7456@eleanor.us1.wmi.uvac.net> In-Reply-To: <4224CF06.7060103@comcast.net> References: <4224CF06.7060103@comcast.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 1 Mar 2005, Matt wrote: > When providing a shell environment for a larger number of users, what is the > best way to retrict access to commands/resources? I've already setup quotas. > I don't want users playing with system commands. I've read something about a > retricted shell, but can't find any details. Sorry if this is a little too late but your best bets are of (chmod,chown,chflags) also in (/etc/login.conf). Besides that it doesnt matter in a normal environment if a reg'd user messes with system commands, they wont beable to change anything with the system anyway and even if you didnt resitrict the commands that they can execute they just might report to syslog that the $UID was trying to use them and give you a heads up on trying to keep track of the user at hand. Best of luck: for more great info on FreeBSD and its options check out freebsd.org/handbook /faq and http://draenor.org/securebsd/secure.txt Best of luck --c0ldbyte This e-mail may be privileged and/or confidential, and the sender does not waive any related rights and obligations. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. If you received this e-mail in error, please advise me (by return e-mail or otherwise) immediately.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050302134039.G7456>