Re: Restrict a user to a set of binaries?

To: debian-user@lists.debian.org
Subject: Re: Restrict a user to a set of binaries?
From: Bob Proulx <bob@proulx.com>
Date: Fri, 2 Mar 2012 10:22:58 -0700
Message-id: <[🔎] 20120302172258.GA10911@hysteria.proulx.com>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 1330702814.18148.1.camel@lt-mazen.sequans.com>
References: <[🔎] CACvomdSxda8BgrsA0Byhm3kh8-AFUXkS4XO2ZA1=LEZkvYCrBg@mail.gmail.com> <[🔎] 1330702814.18148.1.camel@lt-mazen.sequans.com>

Abou Al Montacir wrote:
> Maybe create a new groups "trusted" and do the following
> cd /bin
> chown root.trusted *
> chmod 750 *
> for ff in $ {TRUSTED_BIN_LIST} ; do chmod o=rx $ff ; done
> 
> Then add trusted users to the rusted group and keep th non trusted users
> outside.

With this users can still create files and copy the programs they want
to run onto the system and run their own copy of them.

Bob

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: Restrict a user to a set of binaries?
  - From: Claudius Hubig <nfs_2012@chubig.net>

References:
- Restrict a user to a set of binaries?
  - From: Bijoy Lobo <bijoy.lobo@paladion.net>
- Re: Restrict a user to a set of binaries?
  - From: Abou Al Montacir <abou.almontacir@sfr.fr>

Prev by Date: Re: MD device not found on boot
Next by Date: Re: printing dead slow since squeeze
Previous by thread: Re: Restrict a user to a set of binaries?
Next by thread: Re: Restrict a user to a set of binaries?
Index(es):
- Date
- Thread