If you set the path to be their home directory and put in sim links for those aps you want them to use this will restrict their access.
-taz -----Original Message----- From: Colin Phipps [mailto:[EMAIL PROTECTED] Sent: Wednesday, 15 November 2000 04:50 To: [email protected] Subject: Re: restricted bash (rbash) On Tue, Nov 14, 2000 at 04:34:33PM +0100, Jan Martin Mathiassen wrote: > On Tue, Nov 14, 2000 at 01:30:57PM -0200, Pedro Zorzenon Neto wrote: > > I put /bin/rbash as the default shell (in /etc/passwd) for some users that > > I just want them to use a restricted login. > > > > When the user logs in, rbash is being executed and the restricted login is > > working well. But, if the user executes 'bash', everything becames unrestricted. [goes away and plays with rbash for a bit] > > How can I deny the execution of shells inside rbash? > My first thought would be to remove the executable flag for other users, > make a special group for bash, and add anyone that should have access to > bash in that group. No; restricting just shells is useless if you leave other commands open. >From my very brief look, it appears that rbash essentially prevents you running commands outside of your PATH. Clearly it has NO security value unless you set their PATH to a directory with only the few commands you want them to be allowed to run. -- Colin Phipps <[EMAIL PROTECTED]> http://www.netcraft.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
