UNIX for Dummies Questions & Answers

Hi,

Is there a way to protect users from deleteing their .profile ?

For the majority of our users I created a captive login by a .profile that starts a menu-script. In this menu a user can only start our applications and logoff. This prevents users from getting to the unix-prompt.

However, I foresee a problem when users use FTP/SCP for file-transfer.
Allthough .profile has 400 as file-permission, they can still delete .profile and ftp a new .profile, thus getting to the unix-prompt.

Oke, I could set users home-directory to 500 (read/execute) but that would prevent applications to write files to the home-directory.

Is there a nice way to protect .profile ? Or can I create a captive-login in another way ?

Tia,
Leon

One possible solution. Change the owner of the .profile to nobody, permissions of the script to 444.

I don't think that will work. As the user still has write permissions on the home directory, s/he will still be able to delete the file.

Make sure that menu script is truly executable. Then make it the shell for the user.

Hi,

if You want avoid unwanted remove, You can write Your on Script rm to force the user all time use option -i.
Set this as enviroment variable with .profile.
At first UNIX will ask the enviroment then the original command.

Best regards
Dieter

Ok i was reading something in a book about noclobber heres the quote from the book "In the C shell use the command set noclobber. The Korn shell and Bash command is set -o noclobber. Enter the command at the shell prompt or put it in your shell's startup file. After that, the shell will not allow you to redirect onto an existing file and overwrite its contents" *page 70 of Learning the Unix operating system by O'Reilly* Now i am not sure if that is going to help at all but i figured it was worth a shot. Let me know if that helps

Were you able to find a way to protect the .profile to be remove by the user ?