create a restricted user
Paul Howarth
paul at city-fan.org
Sun Jun 5 09:40:30 UTC 2005
On Sat, 2005-06-04 at 22:54 +0200, Zacharie Elcor wrote:
> I think I found a way to do it :
> In my visitor's .bashrc, I added :
>
> if [ -z $DISPLAY ]
> then
> logout
> fi
>
> If the visitor tries to log in graphically, he can only do what
> firefox allows him to do (perhaps should I use a more simple browser
> because of extensions my visitor could add) and if he tries to log in
> via ctrl-alt-f1, he is logged out immediately.
And supposing your visitor logs in using ssh with X forwarding turned
on?
Security is *hard* I'm afraid.
Paul.
--
Paul Howarth <paul at city-fan.org>
More information about the fedora-list
mailing list