Originally Posted by redfox2807
If you restrict those users from reading system files and dirs they will only be able to run executables located in their home folders only (if /home isn't mounted with -noexec option of course). In Linux programs are run with exactly the same privileges that has the user that started them. So the programs won't be able to read system files and dirs either and would hardly work.
As far as I know you're only able to prevent users from getting access to other user's data in Linux. Why do you want to hide the root filesystem from a user?
Isn't there any options using ACL? or combining two ore more ideas like chrooting,ACL,SSH chrooting, sudo powers etc? There is no issues on accessing the essential directories under / but the developer should not have the ability to edit those files&directories.
for eg:- they can 'cd' & ls to /etc /bin if it is required
but not able to 'cd' to /dev, /misc etc...
but should be able to access&edit /home
I have created a user called developer and setfacl rwx to home directory
Now the scenario is like the developer user have full access to /home also the user can ls & view all the files&directories under / but cannot perform any other operation under the directories and files rather than /home
I think the solution is half acheived
but needed to restrict the view of certain directories under /
Sound like a crazy idea!!!. but badly needed to implement this.