limiting users to their home directory
Smoot Carl-Mitchell
smoot at tic.com
Tue Dec 23 16:29:10 UTC 2008
On Tue, 2008-12-23 at 09:21 +0000, Kenneth P. Turvey wrote:
> > Take a look at rbash - restricted bash shell.
>
> See and edit... I don't think rbash is going to help here. You need a
> complete chrooted environment to work this out. Do a google search on
> chroot. I doubt you really want what you say you want, but if you do,
> that's the only way you are going to get it. Hard links are your friend.
rbash does some interesting things which may be adequate depending on
the level of security required. I noticed there are some problems with
shell escapes in commands (vim) where you can escape to a bash shell and
get out of the restricted environment. I agree it is not as secure as a
chrooted environment, but it may meet the OP's needs.
What is needed here is an assessment of the security risks to the
system. The most obvious is a user exploits a security vulnerability and
gains root access. chroot does not entirely eliminate that possibility,
but it does provide a layer of protection against such exploits,
depending on the architecture of the chrooted environment.
--
Smoot Carl-Mitchell
System/Network Architect
smoot at tic.com
+1 480 922 7313
cell: +1 602 421 9005
More information about the ubuntu-users
mailing list