01-11-2011
It would also be helpful to know what the user is allowed to do.
The Resricted Shell suggested above is a very good recommendation. In addition you will need to force a Restricted Path in the profile file and point it only to a directory containing a copy of the unix commands which the user is allowed to use.
This is hard work to set up and I have had to do it for users on technical training courses totally unrelated to the main operation of the server. Always assume that the trainee can Google common hacks. Dangerous programs are the likes of "vi" and "more" which can allow breakout to Shell. If in doubt don't let the user access the program or data.
Advise enable long Shell history on Restricted accounts and analyse the content. 99% will be boring. [There are legal issues here where you need to warn staff that access is monitored. I am not a lawyer so DYOR].
10 More Discussions You Might Find Interesting
1. Solaris
Hi all,
I am using Sun OS 5.10. I am new to Unix.
Is there some way to restrict a specific user to certain command say "/usr/bin/more" ??
for example: I want that user1 can execute more command & user2 can't.
Can we somehow edit .profile file in the home directory of user to achieve... (1 Reply)
Discussion started by: vikas027
1 Replies
2. AIX
Hello
I have a question in Aix 5.3 can I create a user, that only can see a specify path.
I mean the user log in the default path its /home/newuser he type cd the path that need to check /example/directory_check but if he wants to go to / or any other path. we can not do this.
I only... (1 Reply)
Discussion started by: lo-lp-kl
1 Replies
3. UNIX for Advanced & Expert Users
Hi
I have requirement to create 3 new users on my server but to restrict their access to a set of particular folders.
/export/home/kapil/shared,
/export/home/kapil/shared/Folder1
/export/home/kapil/shared/Folder2
These folders should be accessible to all the 3 users and to me too.... (1 Reply)
Discussion started by: kapilk
1 Replies
4. UNIX for Dummies Questions & Answers
Hi everyone !
I got "viewer" and "root" user on a *nix computer. When i log in using "viewer" I only can use "df" command. When I try another command like "ls" it say :
-bash: ls: command not found
I checked permission of "/bin/ls" file, it has excute permission for everyone. Inside home... (4 Replies)
Discussion started by: camus
4 Replies
5. Red Hat
Hi
I have a Fedora10 server and i need a particular user to view files only in a particular folder.
All other files in other folders having "read" permission for all shouldn't be accessible to this user.
Please let me know if ther's a way.
Thanks,
HG (5 Replies)
Discussion started by: Hari_Ganesh
5 Replies
6. UNIX for Dummies Questions & Answers
Hi All,
How can we restrict a particular user access to a particular shell in solaris 10.
Thanks in Advance. (5 Replies)
Discussion started by: rama krishna
5 Replies
7. Red Hat
Hi there
I have an application user on my system that wants accesses to these file systems as such:
rwx:
/SAPO
/SAPS12
/R3_888
/R3_888B
/R3_888F
/R3_888R
r:
/usr/sap
these are the existing FS permissions:ownerships:
# ls -ld /SAPO (9 Replies)
Discussion started by: hedkandi
9 Replies
8. AIX
hi,
I want to restrict some user access to only 1 directory (including all sub-directories/files in it).
can you please explain me, how can we do this?
example;
Filesystem GB blocks Used Free %Used Mounted on
/dev/hd4 2.61 1.02 1.59 40% /
/dev/hd2 ... (7 Replies)
Discussion started by: aaron8667
7 Replies
9. HP-UX
Dear Concern,
We want to restrict ssh for particular user "oracle". Our HP UX version is as below. Please advise.
# uname -a
HP-UX tabsdb02 B.11.31 U ia64 2963363594 unlimited-user license (2 Replies)
Discussion started by: makauser
2 Replies
10. Web Development
Hello,
I need help in Apache to restrict user for number of concurrent connection. its basically related to nagios monitoring site. End user opening N no of tab to monitor and it increase load on server.
any setting will help me here. (3 Replies)
Discussion started by: ghpradeep
3 Replies
LEARN ABOUT OSX
cpanplus::shell
CPANPLUS::Shell(3pm) Perl Programmers Reference Guide CPANPLUS::Shell(3pm)
NAME
CPANPLUS::Shell - base class for CPANPLUS shells
SYNOPSIS
use CPANPLUS::Shell; # load the shell indicated by your
# config -- defaults to
# CPANPLUS::Shell::Default
use CPANPLUS::Shell qw[Classic] # load CPANPLUS::Shell::Classic;
my $ui = CPANPLUS::Shell->new();
my $name = $ui->which; # Find out what shell you loaded
$ui->shell; # run the ui shell
DESCRIPTION
This module is the generic loading (and base class) for all "CPANPLUS" shells. Through this module you can load any installed "CPANPLUS"
shell.
Just about all the functionality is provided by the shell that you have loaded, and not by this class (which merely functions as a generic
loading class), so please consult the documentation of your shell of choice.
BUG REPORTS
Please report bugs or other issues to <bug-cpanplus@rt.cpan.org<gt>.
AUTHOR
This module by Jos Boumans <kane@cpan.org>.
COPYRIGHT
The CPAN++ interface (of which this module is a part of) is copyright (c) 2001 - 2007, Jos Boumans <kane@cpan.org>. All rights reserved.
This library is free software; you may redistribute and/or modify it under the same terms as Perl itself.
SEE ALSO
CPANPLUS::Shell::Default, CPANPLUS::Shell::Classic, cpanp
perl v5.16.2 2012-10-11 CPANPLUS::Shell(3pm)