Restrict what commands users can use?
Hi!
Edit: I use FreeBSD 6.1 and OpenBSD 4.0 on my servers. Is there a way to control what commands users can use? I would like some users to only have the ability to use cd, ls, nano or vi, mkdir, rm and cat (maybe some more). I want a trusted group to be able to use screen, irc, centericq, wget and links as well. Can I do this without a jail? Thanks in advance! |
Yes you can, but you'll be working on changing file permissions throughout the file system.
Code:
find / -type f -exec chmod o-x {} \; -print This is the old-school way of doing it. And is not very complicated from a minimalist approach. Keep in mind that when you upgrade the base system or reinstall a port, all these settings are going to get screwed up. So you may want to create a script to automatically fix the settings after upgrades. |
All times are GMT -5. The time now is 08:07 AM. |