From owner-freebsd-questions Wed Aug 7 06:24:19 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA18321 for questions-outgoing; Wed, 7 Aug 1996 06:24:19 -0700 (PDT) Received: from maelstrom.CC.McGill.CA (maelstrom.CC.McGill.CA [132.206.35.2]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id GAA18277 for ; Wed, 7 Aug 1996 06:24:10 -0700 (PDT) Received: (from yves@localhost) by maelstrom.CC.McGill.CA (8.7.1/8.6.10) id JAA00734; Wed, 7 Aug 1996 09:19:44 -0400 (EDT) Message-Id: <199608071319.JAA00734@maelstrom.CC.McGill.CA> Content-Type: text/plain MIME-Version: 1.0 (NeXT Mail 3.3 v118.2) Received: by NeXT.Mailer (1.118.2) From: Yves Lepage Date: Wed, 7 Aug 96 09:19:41 -0400 To: Bala Periasamy Subject: Re: disable telnet for a group of users cc: freebsd-questions@freebsd.org Reply-To: yves@CC.McGill.CA References: <199608070528.PAA28584@skeg.cst.com.au> Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Hi, >How to disable telnet for a group of users? Define a group that you could possibly name 'badboys'. set the permissions on the telnet binary to be r-x---r-x and group ownership to be 'badboys'. Then, add all the members of this group of users to the 'badboy' group. What will happen is this: when checking execute permissions when the user invokes telnet, the checking will end at the first match (group). And since group has no permissions at all on this program, the 'badboys' member won't be able to execute it. All those who are not part of the group will still be able to execute the program. I hope this helps. Yves Lepage