On Sat, Nov 06, 2004 at 11:21:43AM -0800, Stephen Le wrote: > On Sat, 6 Nov 2004 12:43:27 -0500, Kevin Mark > <firstname.lastname@example.org> wrote: > > I think it is worth the extra 'sudo'. People should learn the difference > > between regular commands and special commands. you can have sudo ask for > > a password or not. Ubuntu uses a sudo-like thing. Users should be asked > > to do an extra step for commands that are not 'normal' for a reason. the > > idea like 'think twice, type one' is good for such commands. > > I'm well aware that sudo can be configured to not ask for passwords, > but as I stated in a reply to another person suggesting that I use > sudo, I'm not trying to grant access to any special commands. Rather, > I'm trying to limit the commands users can run to a certain subset. > For example, I might not want regular users to be able to run ftp or > telnet. > > If I were to use sudo, I would have to remove execute access from all > commands and grant them on a command by command basis, requiring each > users to prefix _every_ command with 'sudo'. > > -Stephen Le Hi Stephen, if U is all the commands a regular user can execute and X is the set of commands you want them to have access to: X is _ near 90% or near 10%? if its near 90% I have an idea. if its U closer to 10%, then maybe a chroot is better? -Kev -- counter.li.org #238656 -- goto counter.li.org and be counted! (__) (oo) /------\/ / | || * /\---/\ ~~ ~~ ...."Have you mooed today?"...
Description: Digital signature