Hi,
Is there a way to protect users from deleteing their .profile ?
For the majority of our users I created a captive login by a .profile that starts a menu-script. In this menu a user can only start our applications and logoff. This prevents users from getting to the unix-prompt.
However, I foresee a problem when users use FTP/SCP for file-transfer.
Allthough .profile has 400 as file-permission, they can still delete .profile and ftp a new .profile, thus getting to the unix-prompt.
Oke, I could set users home-directory to 500 (read/execute) but that would prevent applications to write files to the home-directory.
Is there a nice way to protect .profile ? Or can I create a captive-login in another way ?
Tia,
Leon