Re: create a restricted user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 05 Feb 2005 22:44:54 -0500, Scot L. Harris <webid@xxxxxxxxxx> wrote:
> On Sat, 2005-02-05 at 22:10, Gain Paolo Mureddu wrote:
> > Scot L. Harris wrote:
> >
> > >You found the big problem with giving someone access to a program, most
> > >times they can find a way to escape that program and get a shell prompt.
> > >
> > >
> > Shouldn't /bin/null help here to avoid giving them a shell?
> 
> That should keep them from logging in at all.  Which is very secure.  :)
> 
> The problem is that in order to run the browser I think you have to have
> a shell running.  I suspect if you put the browser in place of the shell
> in the passwd file it would not work.  (might be worth a quick test
> though)
> 
> I really think the best option is to try and setup chrooted access.  If
> they manage to get a shell prompt they are restricted in what they can
> access.

If I chroot the restricted user, what are the minimum commands that
should be available in order for him to be able to run firefox ? is a
shell required ?
> 
> --
> Scot L. Harris
> webid@xxxxxxxxxx
> 
> Forty two.
> 
> --
> fedora-list mailing list
> fedora-list@xxxxxxxxxx
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux