Group with LEAST Rights

lcwilson95 · 12-14-2006, 09:03 AM

I am trying to set permissions. What is the group with the lowest rights? I tried nobody, but I can still kill processes.

MensaWater · 12-14-2006, 09:10 AM

It sounds like you're trying to create an account for very limited access. This is exactly what chroot directories are designed for. You can set it up so that the user doesn't even have access to the kill command (or even ps).

You may wish to explore chroot setups.

Groups in and of themselves don't have "rights". The rights (permissions) are set on the files. If a user starts a process he has permission to kill it. In some UNIX environments this can be controlled with setprivgrp but I'm not sure of any equivalent in Linux so chroot is the way to go.

DJ Shaji · 12-14-2006, 02:43 PM

By the way - users can only kill processes which they have themselves started. E.g. a process started by root cannot be killed by another user.

Code:

[djshaji@localhost ~]$ killall -verbose gdm-binary
gdm-binary(1622): Operation not permitted
gdm-binary(1860): Operation not permitted
gdm-binary: no process killed

However, root is exempt from this, and she can kill any process she wants.

MensaWater · 12-14-2006, 03:48 PM

she? Everyone knows God is a man.

DJ Shaji · 12-17-2006, 02:07 PM

Quote:

Originally Posted by jlightner

she? Everyone knows God is a man.

Yeah? And who's everybody? You and what army?

uselpa · 12-17-2006, 02:42 PM

Quote:

Originally Posted by DJ Shaji

Yeah? And who's everybody? You and what army?

Just look at the world.
A woman would have done better.

J.W. · 12-17-2006, 03:25 PM

Let's please shift this thread back to the original topic...