Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Home Directory Jail for Users
Top Forums UNIX for Dummies Questions & Answers Home Directory Jail for Users Post 302114768 by pressy on Wednesday 18th of April 2007 01:14:59 PM
Old 04-18-2007
what's about rksh?

Code:
$ rksh
$ cd ..
rksh: cd: restricted
$ cd /
rksh: cd: restricted
$ /usr/sbin/ifconfig
rksh: /usr/sbin/ifconfig: restricted
$

from the man page:

rksh is used to set up login names and execution environ-
ments whose capabilities are more controlled than those of
the standard shell. The actions of rksh are identical to
those of ksh, except that the following are disallowed:

o changing directory (see cd(1))

o setting the value of SHELL, ENV, or PATH

o specifying path or command names containing /

o redirecting output (>, >|, <>, and >>)

o changing group (see newgrp(1)).

The restrictions above are enforced after .profile and the
ENV files are interpreted.

When a command to be executed is found to be a shell pro-
cedure, rksh invokes ksh to execute it. Thus, it is possi-
ble to provide to the end-user shell procedures that have
access to the full power of the standard shell, while impos-
ing a limited menu of commands; this scheme assumes that the
end-user does not have write and execute permissions in the
same directory.
The net effect of these rules is that the writer of the
.profile has complete control over user actions, by perform-
ing guaranteed setup actions and leaving the user in an
appropriate directory (probably not the login directory).

The system administrator often sets up a directory of com-
mands (that is, /usr/rbin) that can be safely invoked by
rksh.

still it's not perfect, but a good way to start...

regards pressy
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Restrict users to ther home directory

Hello! I want users in a certain group to be restricted to their home directory. So that they have full access to all files and folders in their home directory but the cant go to any directory above. Does anyone know how to do this? Anders (1 Reply)
Discussion started by: alfabetman
1 Replies

2. UNIX for Dummies Questions & Answers

Profiles for users without home directory

Hi I want to know which profile will be called when a user without home directory is created. When I created a user without home directory(by setting in /etc/default/useradd), the user is able to login directly into the main "/" folder but with only read permissions. Thanks naina (3 Replies)
Discussion started by: naina
3 Replies

3. UNIX for Dummies Questions & Answers

lost /home/directory for users

I'm using HPUX 11i. The other day a user logon to the workstation and was not able to find the /home/directory (tom is the directory) I login myself and it is the same thing. The home directory is on the server, so I was thinking of using sam to map it again. does anyone know how to do it... (5 Replies)
Discussion started by: blizzgamer
5 Replies

4. Solaris

find home directory paths for all users

How to find al the user's home directories? (2 Replies)
Discussion started by: a2156z
2 Replies

5. Solaris

Common Home directory for different users??

Hi Guys, I have a problem with configuring a server. this is a solaris 10 with sparc platform. I have setup so that the server is Authenticating through NIS but I dont want the server to Mount the Home directories. The users need to logged in through the CDE/display. I have over 200 users... (2 Replies)
Discussion started by: Luky
2 Replies

6. UNIX for Advanced & Expert Users

about the access permission of users home directory

RHEL5.0 As we know, when root create a new user, a new home directory will be created : /home/user I want to know what determine the access permission of /home/user . Thanks! (1 Reply)
Discussion started by: cqlouis
1 Replies

7. Shell Programming and Scripting

script to check for a directory in /home for all users

Following on from this post: https://www.unix.com/shell-programming-scripting/150201-simple-script-mount-folder-all-users-home.html and getting told off for bumping the thread:( Please could someone help me with a short script to check is a certain directory is present in /home for all users... (8 Replies)
Discussion started by: barrydocks
8 Replies

8. Red Hat

SSH lock users to the Home Directory

Hi friends, I must to give ssh connection to own customer. So I want to lock ssh user on own home directory. It is not necessery to reach other folders. I know that ftp user can lock on own folder but I don't know how to lock ssh user. I am waitting your kindly helps :D ---------- Post... (10 Replies)
Discussion started by: getrue
10 Replies

9. AIX

close ssh users to the home directory

Hello, I must close ssh users to the home directory. It means the users musn't see anything inside their home directory. For example after login to the os and type this command "cd .." or "cd /" it musn't work. How can I implement it? (Probably chroot or rootsh but how?) (1 Reply)
Discussion started by: jeszi
1 Replies

10. UNIX for Advanced & Expert Users

Permissions on a directory in /home for all users

Hi, I have created a shared directory on /home, where all users on a certain group have read, write and execute permissions. I did this using chmod -R g+rwx /home/shared/ The problem is, when a particular user creates a directory within /home/shared, other users are not able to write to... (8 Replies)
Discussion started by: lost.identity
8 Replies

LEARN ABOUT DEBIAN

mojo::home

Mojo::Home(3pm) 					User Contributed Perl Documentation					   Mojo::Home(3pm)

NAME

       Mojo::Home - Detect and access the project root directory in Mojo

SYNOPSIS

	 use Mojo::Home;

	 my $home = Mojo::Home->new;
	 $home->detect;

DESCRIPTION

       Mojo::Home is a container for home directories.

ATTRIBUTES

       Mojo::Home implements the following attributes.

   "app_class"
	 my $class = $home->app_class;
	 $home	   = $home->app_class('Foo::Bar');

       Application class.

METHODS

       Mojo::Home inherits all methods from Mojo::Base and implements the following new ones.

   "new"
	 my $home = Mojo::Home->new;
	 my $home = Mojo::Home->new('/home/sri/myapp');

       Construct a new Mojo::Home object.

   "detect"
	 $home = $home->detect;
	 $home = $home->detect('My::App');

       Detect home directory from the value of the "MOJO_HOME" environment variable or application class.

   "lib_dir"
	 my $path = $home->lib_dir;

       Path to "lib" directory of application.

   "list_files"
	 my $files = $home->list_files;
	 my $files = $home->list_files('foo/bar');

       Portably list all files recursively in directory relative to the home diectory.

	 $home->rel_file($home->list_files('templates/layouts')->[1]);

   "mojo_lib_dir"
	 my $path = $home->mojo_lib_dir;

       Path to "lib" directory in which Mojolicious is installed.

   "parse"
	 $home = $home->parse('/home/sri/myapp');

       Parse home directory.

   "rel_dir"
	 my $path = $home->rel_dir('foo/bar');

       Portably generate an absolute path for a directory relative to the home directory.

   "rel_file"
	 my $path = $home->rel_file('foo/bar.html');

       Portably generate an absolute path for a file relative to the home directory.

   "slurp_rel_file"
	 my $string = $home->slurp_rel_file('foo/bar.html');

       Portably read all data at once from file relative to the home directory.

	 my $content = $home->slurp_rel_file($home->list_files('public')->[1]);

   "to_string"
	 my $string = $home->to_string;
	 my $string = "$home";

       Home directory.

SEE ALSO

       Mojolicious, Mojolicious::Guides, <http://mojolicio.us>.

perl v5.14.2							    2012-09-05							   Mojo::Home(3pm)
All times are GMT -4. The time now is 09:17 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy