On Mon, Jan 16, 2012 at 11:57 PM, Make Compile <[email protected]>wrote:
> when i test the account the user can still view ip settings of linux box. > any ideas on how to restrict specific command on visudo > I'm not sure exactly what you're trying to achieve here, and I apologize if I've missed some relevant details, but why not use a restricted shell? Then you can preconfigure the user's shell's PATH variable (which the user him/herself cannot change), and then, if you wish to go even further, populate your private path(s) with shell scripts that control which other command(s) and command option(s) that user is allowed to execute. (Shell scripts run from a restricted shell are themselves not subject to the original shell restrictions and hence can break out of the shell "jail" according to the desires of the script author/administrator.) /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
