-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/12/2010 08:40 AM, roland wrote: > I would like to give someone a login on my server. > But, I would like to limit access to his home dir. > > With Nautilus, Konqueror or from distance with p.e. Winscp, this person > could see what he wants and do maybe the unexpected. > > Can I prevent him from moving somehow? (whatever version of Fedora) > You could limit him somewhat using guest or xguest user with SELinux. # semanage login -a -s guest_u USERNAME guest_u allows him to ssh onto your machine and locks him down, so he can not execute setuid apps, or use network ports. xguest_u allows him to login via X and use http ports. These confined users prevent a lot of access on the machine, but not necessarily everything. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkxkD10ACgkQrlYvE4MpobMnHgCgw15uYBCwDIUFoMYcHImrFlag pzQAoK4lESFH6ws8n55UaQCiUMymsWHC =BVYo -----END PGP SIGNATURE----- -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
