LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
Reload this Page Restrict user
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 09-21-2006, 10:04 AM   #1
sunhui
Member
 
Registered: Jan 2006
Location: taiwan
Posts: 156

Rep: Reputation: 30
Restrict user

I want to control a user can only access a specific directory eg. /tmp and /home , and can't access the other directory even the general directory eg. /usr , /var , what can I do ? I tried ibsh , but this method allow user access HOME directory ONLY , if I want the user can access a list of specific directory , what can i do ? thx
 
Old 09-21-2006, 01:05 PM   #2
macemoneta
Senior Member
 
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
Blog Entries: 2

Rep: Reputation: 344Reputation: 344Reputation: 344Reputation: 344
Not much. Restricted shells tend to be very hard and very time consuming to lock down properly. In the end, you will effectively remove access to most of the software, making the shell nearly useless.

It's much more effective to use proper permissions and file placement. For higher security, you can use a mandatory access control system like SELinux. In that way, the user's access to system directories becomes a non-issue.
 
Old 09-21-2006, 06:11 PM   #3
matthewg42
Senior Member
 
Registered: Oct 2003
Location: UK
Distribution: Kubuntu 12.10 (using awesome wm though)
Posts: 3,530

Rep: Reputation: 65
You can make a user which can't read /usr if you like, but what would be the point? Most basic commands reside in /usr/bin, /var is used by many programs for lockfiles and many use /var/tmp.

You might be able to implement it with ACLs, but it'd probably be simpler with groups.

Maybe SELinux can do something like this (restrict specific users to an approved list of programs)?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to restrict ftp user manish_meet_in Linux - Newbie 9 05-31-2006 11:52 PM
how to restrict a linux user ? phneoix Linux - Security 1 02-13-2006 04:34 PM
To restrict a specific user simi_virgo Linux - Newbie 1 02-26-2005 12:03 AM
how to restrict the user simi_virgo Linux - Newbie 2 02-25-2005 06:31 AM
How to restrict user (FTP)? Rex_chaos Linux - Networking 2 03-19-2003 04:48 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 06:16 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration