Stuart Jansen wrote: > If standard unix permissions and FACLs aren't enough, I would use PAM > and/or SELinux. For example, check out Fedora's xguest. We're using > something inspired by it to allow customers to run a graphical app > remotely in a very locked down but useful environment. Marxist.
In some cases, restricted bash (bash -r or rbash) may be useful. I just learned about this tonight when doing a google search to try to answer the OP's question. Restricted bash is perfect for my current use case; I'm going to implement it tomorrow. /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
