Re: Limiting User Commands
On Sunday, 07 November 2004 18:14, ea@sellinet.net wrote:
> You just need to add group(access) to that system accounts that you
> want or that you think that they'll break in unexpected places...
> Don't you think?
Why not do this the other way around--it should be much simpler, and
only affects users you specifically touch:
e.g. add users you don't want to run /usr/bin/prog1 to the group
"noexecprog1", set the permissions of /usr/bin/prog1 to 705 and make
the owner:group root:noexecprog1. Now anyone in the group noexecprog1
can't read or execute the program, but anyone else can.
--
Wesley J. Landaker <wjl@icecavern.net>
OpenPGP FP: 4135 2A3B 4726 ACC5 9094 0097 F0A9 8A4C 4CD6 E3D2
Reply to: