10-25-2019
How about mounting the NFS share read-only / noexec no the reference server ?
User will still be able to execute the script in that directory/mountpoint using
bash script.sh
Read only would stop write on that same filesystem if that would help.
Even if you do all possible magic, a shell access and permissions would still allow user Bob to copy / change / execute the shell code on server1.
Actually, i cannot think of a way to stop user Bob of being Bob in your use case, no matter which server is in question.
Perhaps someone else here has some bright idea
Hope that helps
Regards
Peasant.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi everyone:
I'm trying to make a CRON job that will execute Fridays at 7am. I have the following:
* 7 * * 5
I've been studying up on CRON and I know to have this in a file and then "crontab filename.txt" to add it to the CRON job list.
The CRON part I believe I understand, but I would... (6 Replies)
Discussion started by: Annorax
6 Replies
2. Shell Programming and Scripting
Hi all,
Is there a way to prevent users from being able to execute commands less a select few? For instance, I wish to allow the user to be only able to execute 1 command, which is exec a.sh. He should not be able to do simple stuff such as ls, cd, rm, cat, etc.
Can this be achieved?
... (1 Reply)
Discussion started by: rockysfr
1 Replies
3. UNIX for Advanced & Expert Users
Hi All,
It will be very great if you can help me in this issue. Thanks in advance.
I need to enable FTP on a solaris9 server. I need to create a new user some "xxxxxx" and he can only FTP the files to and from between /tftpboot directory and network devices. Other users should not... (8 Replies)
Discussion started by: santhoshkumar_d
8 Replies
4. UNIX for Dummies Questions & Answers
specifically - I don't need to restrict a user to a single directory - but I want them to be "ROOTED" to their home directory.
so if my home directory is /home/onlyme
when I login - if I do a pwd - I want to see:
/
but in real life I will be in /home/onlyme - it just appears as root to... (10 Replies)
Discussion started by: itobenon
10 Replies
5. UNIX for Dummies Questions & Answers
Hi
I need to restrict one user to see only his home directory and
one more directory how i can do this in his profile.
The OS is Red hat linux
I create a user -- tec
and group calle --tec
one the user log in he will see
/home/tec
and he need to see /opt/load
this dirctory... (6 Replies)
Discussion started by: aboorkuma
6 Replies
6. Linux
Hi Gurus ,
I hope you are doing great .
Other than owner of the file , OTHERS and GROUP should be restricted from read or write a file created by the owner.
OTHERS and GROUP should be only allowed to execute the file.
Thanks in advance. (8 Replies)
Discussion started by: palanisvr
8 Replies
7. Red Hat
Hi
I have a Fedora10 server and i need a particular user to view files only in a particular folder.
All other files in other folders having "read" permission for all shouldn't be accessible to this user.
Please let me know if ther's a way.
Thanks,
HG (5 Replies)
Discussion started by: Hari_Ganesh
5 Replies
8. Solaris
I am using Solaris 10 on SPARC.
SunOS ddw 5.10 Generic_139555-08 sun4u sparc SUNW,SPARC-Enterprise
I have put some text files in a directory '/u01/network'
I want to create a ftp user which can just read the files in the network directory. The ftp user shouldn't be able to navigate or see... (4 Replies)
Discussion started by: fahdmirza
4 Replies
9. Solaris
Hi all,
I want to create a new user and grant him ONLY transfer files access to a specific directory where he can only upload and read the files. He should be restricted to this activity only.
Regards (6 Replies)
Discussion started by: gilldn
6 Replies
10. AIX
hi,
I want to restrict some user access to only 1 directory (including all sub-directories/files in it).
can you please explain me, how can we do this?
example;
Filesystem GB blocks Used Free %Used Mounted on
/dev/hd4 2.61 1.02 1.59 40% /
/dev/hd2 ... (7 Replies)
Discussion started by: aaron8667
7 Replies
RBASH(1) General Commands Manual RBASH(1)
NAME
rbash - restricted bash, see bash(1)
RESTRICTED SHELL
If bash is started with the name rbash, or the -r option is supplied at invocation, the shell becomes restricted. A restricted shell is
used to set up an environment more controlled than the standard shell. It behaves identically to bash with the exception that the follow-
ing are disallowed or not performed:
o changing directories with cd
o setting or unsetting the values of SHELL, PATH, ENV, or BASH_ENV
o specifying command names containing /
o specifying a filename containing a / as an argument to the . builtin command
o specifying a filename containing a slash as an argument to the -p option to the hash builtin command
o importing function definitions from the shell environment at startup
o parsing the value of SHELLOPTS from the shell environment at startup
o redirecting output using the >, >|, <>, >&, &>, and >> redirection operators
o using the exec builtin command to replace the shell with another command
o adding or deleting builtin commands with the -f and -d options to the enable builtin command
o using the enable builtin command to enable disabled shell builtins
o specifying the -p option to the command builtin command
o turning off restricted mode with set +r or set +o restricted.
These restrictions are enforced after any startup files are read.
When a command that is found to be a shell script is executed, rbash turns off any restrictions in the shell spawned to execute the script.
SEE ALSO
bash(1)
GNU Bash-4.0 2004 Apr 20 RBASH(1)