> >Ping is just an example of a command. I will give him more than ping but
> > not all the default commands.
Mandrake 9.1 in paranoid mode (and higher security mode too, the mode
before paranoid), and i'm sure other linux distributions [particularly the
ones that emphasize security] has a neat solution to this. certain classes
of programs are all accessible only to particular groups. e.g., compilers
and development tools are available only to the ctools group. users,
by default, are not in the ctools group (or ntools, for network tools like
ping, and other groups for particular purposes) so they can't use those
tools.
on the other hand, in Mandrake, even in paranoid mode, users can login
and startx -- :2 (or login to the dm). so it's not as paranoid as i'd like.
what i'd like is if they had no rights at all to run any programs (not even
login, except to POP3, IMAP, etc) and then one had to turn those features
on per user or per group.
you could probably do something like:
for dir in /usr/bin /bin /usr/local/bin /usr/local/sbin /usr/X11R6/bin
do
chmod -R o-rwx $dir
done
that way, by default, regular users not in the particular groups
can't run anything. then you can chmod o+rx just those programs
that you want everyone to be able to run. and maybe finetune the
groups for particular applications.
that might, on the other hand, be far too much trouble and the
suggestion about using a menu based system (or let them access
a web based system and not give them login access at all) is
probably better :).
to the rest of the mailing list, are there linux features that have
something similar to NTFS ACLs? so that you can give individual
users read,write,execute,modify writes on particular files but not
to others? i don't necessarily think this is a good idea. without serious
management software and commitment
to good practices this can easily become ACL spaghetti, e.g.:
random people have access to random things,
people are given temporary access to things and then the access
is never revoked,
do ACLs expire when the user is removed? or do the ACLs still
exist in there, in the extended file attributes file, ready to be
misused when sometime later the same login is used by
someone else, or the uid is reused somehow (by bug or design).
groups (and group ACLs) are the better solution. easier to remove
people from groups than to grovel through the disk looking for all
files that the former employee has rights to and then removing
those rights. But groups can be inflexible, so in the name of
flexibility and convenience, individuals are given rights instead
of gaining their rights from the groups they're part of.
uh. excuse me, got carried away there. comments and links to
ACL's in linux and best practices in ACL handling (NT or linux is
fine) would be appreciated though.
tiger
--
Gerald Timothy Quimpo gquimpo*hotmail.com tiger*sni*ph
http://bopolissimus.sni.ph an xcdngl nntrstng jrnl
Public Key: "gpg --keyserver pgp.mit.edu --recv-keys 672F4C78"
Your manuscript is both good and original, but the part that
is good is not original, and the part that is original is not
good.
-- Samuel Johnson
--
Philippine Linux Users' Group (PLUG) Mailing List
[EMAIL PROTECTED] (#PLUG @ irc.free.net.ph)
Official Website: http://plug.linux.org.ph
Searchable Archives: http://marc.free.net.ph
.
To leave, go to http://lists.q-linux.com/mailman/listinfo/plug
.
Are you a Linux newbie? To join the newbie list, go to
http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
