On Sun, 6 Feb 2005 01:28:50 +0100 Zacharie Elcor <zelcor@xxxxxxxxx> wrote: > I want to create a restricted user without password that can only use > a web browser. > I added a user named "visitor" and created in his home dir a file > .xsession that contains: > > firefox > > so that when he logs in, firefox is launched, and when he closes > firefox, he is logged out. > This works fine but he is still able to ctrl+alt+F(1-6) and log in to > browse the file system. > > To prevent that, I tried to set /bin/false as the default shell for > that user in /etc/passwd but this also prevented him to log in > graphically. > > Is there a way to be sure that "visitor" will only be able to browse > the web and not the file system ? any security issues ? > > Thanks for help A relatively way to do this would be to use rbash (or "bash -r") as the user shell. For details, see "man bash" and search on the word "restricted". cheers, Robert
