On 5/23/06, Mike S. Lacanilao <[EMAIL PROTECTED]> wrote:
have you seen 'sudo' utility?
Yeah, a properly-configured `sudo' (you can do this via `visudo') can do wonders. Although, if you're sufficiently paranoid, a good chroot plus sudo can work too ;-) OTOH, chroots are quite painful to set up, but are worth the effort if your intended users are a bit, erm, well, finicky. I can imaging doing a `debootstrap' for getting a Sarge base running on /debian-chroot , bind-mounting /home and tmpfs-mounting /tmp to it, configuring a `dchroot' environment, and add users with a shell `/usr/bin/dchroot -d -c debian' for the finale. Your users won't even notice they're in a dchroot, so even if they manage to break `sudo', they'll be in nowhere-land. Thoughts? =) -- Zak B. Elep || http://zakame.spunge.org [EMAIL PROTECTED] || [EMAIL PROTECTED] 1486 7957 454D E529 E4F1 F75E 5787 B1FD FA53 851D
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List [email protected] (#PLUG @ irc.free.net.ph) Read the Guidelines: http://linux.org.ph/lists Searchable Archives: http://archives.free.net.ph
