create a restricted user
Zacharie Elcor
zelcor at gmail.com
Sun Feb 6 10:03:46 UTC 2005
On Sun, 6 Feb 2005 09:18:37 +0800, Robert Storey <y2kbug at ms25.hinet.net> wrote:
> On Sun, 6 Feb 2005 01:28:50 +0100
> Zacharie Elcor <zelcor at gmail.com> wrote:
>
> > I want to create a restricted user without password that can only use
> > a web browser.
> > I added a user named "visitor" and created in his home dir a file
> > .xsession that contains:
> >
> > firefox
> >
> > so that when he logs in, firefox is launched, and when he closes
> > firefox, he is logged out.
> > This works fine but he is still able to ctrl+alt+F(1-6) and log in to
> > browse the file system.
> >
> > To prevent that, I tried to set /bin/false as the default shell for
> > that user in /etc/passwd but this also prevented him to log in
> > graphically.
> >
> > Is there a way to be sure that "visitor" will only be able to browse
> > the web and not the file system ? any security issues ?
> >
> > Thanks for help
>
> A relatively way to do this would be to use rbash (or "bash -r") as the
> user shell. For details, see "man bash" and search on the word
> "restricted".
I tried that but this had the same effect than using /bin/false as the
default shell
>
> cheers,
> Robert
>
>
More information about the fedora-list
mailing list