On Wed, Aug 06, 2003 at 10:17:56AM +0800, cedie boyet alben benavente alteza EL wrote: > I need to create a user which can only run a ping command, none else. > > Can this be done? If so please do share it with us how to do this account
I hacked up one of the shells in BusyBox a couple of years ago to chroot to the user's home directory at login. Inside the user's home directory, I had a bin directory (which was the only place that binaries would be run from), an etc directory with a stripped passwd and group, and another directory that they actually owned and could write to. I can't find the source to that shell right now, but it's not difficult if you know any C (or know anyone who does). The only thing you'd have to add to that is a statically compiled ping binary in their bin directory. A friend of mine is doing something similar with subterfuge. It would allow you to give the user read access only to a ping binary and nothing else. A different way to accomplish the same thing. Michael -- Michael Darrin Chaney [EMAIL PROTECTED] http://www.michaelchaney.com/ -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
