On Tue, Jul 25, 2000 at 06:19:53PM +1000, chesty wrote:
> On Tue, Jul 25, 2000 at 05:41:28PM +1000, Andrew Reilly wrote:
> > On Tue, Jul 25, 2000 at 04:29:16PM +1000, George Vieira wrote:
> > > Is it possible to lock telnet users to their home directories under RedHat
> > > >=6.1?
> > 
> > No.  You almost certainly don't want to do that.  You might
> > think that you do, but you don't.
> 
> What wrong with rbash? I though that was its job.
> 
> change /bin/bash in /etc/passwd to /bin/rbash 
> You could probably do it through linuxconf as well.
> 
> That might stop them from ftping in though, add
> /bin/rbash to /etc/shells to fix it.
> 
> man rbash for details.

I don't have it on my system, but how could a different login shell
stop you from starting a /bin/sh with, say, a vi shell escape?
(... or just typing /bin/sh and being done with it.)

If you're providing some sort of public hosting service, then there
are chroot-like options, but that's effectively creating a virtual
machine for each of your users, rather than just limiting what your
users can generally do.

If you're providing a traditional multi-user time sharing system,
then what harm is letting your users see the publically readable
parts of the system going to do?

-- 
Andrew


--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug

Reply via email to