Quote: Originally Posted by alan
At least, the majority of users should not be able to use vi, cp, mv and rm.
I think you are doing that from the wrong end. Let us take a step back:
There are certain files which are pertinent to the proper operation of the system: operating system binaries, libraries, vital configuration files, ... To identify these seems like a lot of work, but the UNIX filesystem hierarchy, if properly used, will assist by concentrating these vital things into a few directories. Identify all these files/directories. "Normal" users should not have write access to any of these files/directories. Still, every user should be able to modify his own files/directories. Taking away access to "vi" seems like a good idea, but you take away the ability to even take a note with it - and you would have to take away a lot of other commands too, which can modify a file too: dd, cat, ed, ex, cp, paste, join, sort, echo, print, printf, sed, awk, ... this list is endless.
Instead of limiting the tools to modify files, it is better to limit the access to the files themselves. As long as you are not allowed to modify fileX, it doesn't matter if you try to do it with "vi" or any other tool.
Another aspect: you can limit the privilege to modify vital files to certain people, but you can't make these behave more responsibly by a security measure. In every scenario there will be at least one person who is allowed to wreak havoc on the system. The privilege to use always comes with the privilege to misuse - because the system cannot separate legit and illegitimate use of a resource at all. In a nutshell: you cannot prevent root from being root.
This is the reason why "Sysadmin" is a job usually done by a very small select group of people - specially trained and qualified for the job - and all the others are limited to a small part of the system. Still, even for these goes: if you can use something it is within your power to misuse it and if you are the admin for the "foo" software and can edit its config files you can perhaps misconfigure it in a way that it won't start, won't be accessible or won't work properly in some other respect.
I hope this helps.
bakunin
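
Added example (not part of bakunin's post): a shell function that applies the advice above by checking the files rather than the tools. It walks the directories it is given and reports entries whose mode bits let group or other write; the function name `audit_writable` and the output labels are made up for illustration, and ownership and ACLs are not checked.

```shell
#!/bin/sh
# Added example: report files and directories that users other than the
# owner can modify, judged by mode bits only (no ACL or ownership check).
# Usage: sh audit.sh /etc /usr/bin /usr/lib
# Output: one "<LABEL> <path>" line per finding.

audit_writable() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue

        # World-writable regular files: every user can change them,
        # whether with vi, cp, dd, sed or anything else.
        find "$dir" -xdev -type f -perm -0002 -print |
            sed 's/^/WORLD-WRITABLE-FILE /'

        # World-writable directories without the sticky bit: every user
        # can delete or replace entries in them. Sticky directories such
        # as /tmp are world-writable by design and are skipped.
        find "$dir" -xdev -type d -perm -0002 ! -perm -1000 -print |
            sed 's/^/WORLD-WRITABLE-DIR /'

        # Group-writable (but not world-writable) files and directories:
        # acceptable only if the owning group is the small admin group.
        find "$dir" -xdev \( -type f -o -type d \) \
            -perm -0020 ! -perm -0002 -print |
            sed 's/^/GROUP-WRITABLE /'
    done
}

# Run the audit only when directories are passed on the command line.
if [ "$#" -gt 0 ]; then
    audit_writable "$@"
fi
```

An empty result for the system directories means the tool list in the post no longer matters for those files: none of those commands can write to them as a normal user.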