Thanks. I've done a slight similar thing here. There are still ways to go beyond this but for now I am contented with this setup. I also made a bin directory.
On Friday 08 August 2003 00:10, Michael Chaney wrote: > On Wed, Aug 06, 2003 at 10:17:56AM +0800, cedie boyet alben benavente alteza EL wrote: > > I need to create a user which can only run a ping command, none else. > > > > Can this be done? If so please do share it with us how to do this account > > I hacked up one of the shells in BusyBox a couple of years ago to chroot > to the user's home directory at login. Inside the user's home > directory, I had a bin directory (which was the only place that binaries > would be run from), an etc directory with a stripped passwd and group, > and another directory that they actually owned and could write to. I > can't find the source to that shell right now, but it's not difficult if > you know any C (or know anyone who does). > > The only thing you'd have to add to that is a statically compiled ping > binary in their bin directory. > > A friend of mine is doing something similar with subterfuge. It would > allow you to give the user read access only to a ping binary and nothing > else. A different way to accomplish the same thing. > > Michael -- Alben Benavente Alteza I/S Security Administrator II Information Systems Security Administration Information Systems Dept./ Philippine Airlines Data Center Building Tel. 831-6541 ext. 7861 Fax. 831-0198 -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
