this is not easy to solve. here's a partial solution:
add a group named "appusers", and put user1 in it. then, for every application you want to keep user2 from running, do
chgrp appusers /usr/bin/whatever
chmod o-x /usr/bin/whatever
there are several downsides to this approach.
#1: you have to list all users who can run the application in the appusers group.
#2: when you upgrade packages, and a new version of xmms or whatever is installed, it might install on the system with normal ownerships and permissions, meaning you'd have to run the chgrp/chmod commands again manually. you can probably cheat and put all the commands in a script, and run them automatically on boot or something.
#3: the user can simply download copies of xmms or firefox for your distribution and run them out of his home directory.
Protecting your Linux box
2 posts • Page 1 of 1
Who is online
Users browsing this forum: No registered users and 1 guest