permission for user2

Protecting your Linux box
usamahashimi

permission for user2

Postby usamahashimi » Wed Nov 15, 2006 5:00 pm


lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore
Contact:

Postby lambda » Wed Nov 15, 2006 8:10 pm

this is not easy to solve. here's a partial solution:

add a group named "appusers", and put user1 in it. then, for every application you want to keep user2 from running, do

chgrp appusers /usr/bin/whatever
chmod o-x /usr/bin/whatever

there are several downsides to this approach.

#1: you have to list all users who can run the application in the appusers group.
#2: when you upgrade packages, and a new version of xmms or whatever is installed, it might install on the system with normal ownerships and permissions, meaning you'd have to run the chgrp/chmod commands again manually. you can probably cheat and put all the commands in a script, and run them automatically on boot or something.
#3: the user can simply download copies of xmms or firefox for your distribution and run them out of his home directory.


Return to “Security”

Who is online

Users browsing this forum: No registered users and 1 guest