[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: how do I chroot for users.



I would recommend using a restricted shell (rbash comes to mind)

its very easy to setup and fairly secure.

hope this helps!

tom

p.s. i realize that this is not a "pam" solution, but it should do what
you want :)

On Sat, 17 Jan 1998, XxEDGExX wrote:

> 
> Heh, of course you must realize that I am far from
> having the capabilities of doing this or I wouldn't
> waste your time posting these messages.
> 
> I thought about that email shortly after I wrote it
> and wondered to myself if I came off sounding a little
> rude.  That wasn't my intension at all.
> 
> If it is possible to setup a chroot environment which
> actually works within somewhat reasonable boundaries,
> and it isn't something that would require a year of 
> development, then I think it should be made available.
> 
> One reason is to protect against an administrators
> own faults in security that could be better analyzed
> with the ability to simple look around.
> 
> Another reason is individual environments for each user.
> One user I would like to be able chown his files, another
> I don't, so I simple don't give him chown.  Etc.
> 
> I'm sure there's tons of other valid reasons, but for me
> these are at the top.
> 
> Thanks
> -jeremy
> 
> > > home directories.  Plain and simple.  Whether you agree with
> > > this approach or not, the feature should be available.
> > 
> > "should".... Start coding :-)
> > 
> > Cristian
> > --
> > ----------------------------------------------------------------------
> > Cristian Gafton   --   gafton@redhat.com   --   Red Hat Software, Inc.
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >  UNIX is user friendly. It's just selective about who its friends are.
> > 
> > -- 
> > To unsubscribe: mail -s unsubscribe pam-list-request@redhat.com < /dev/null
> > 
> 
> 
> http://www.xxedgexx.com | jeremy@xxedgexx.com
>  _  _     _     _   _   | pgp available from:
>  _|  |    _| | |_  | |  | http://www.xxedgexx.com/pgp.html
> |_   | o |_  |  _| |_|  | 
> 
> 
> -- 
> To unsubscribe: mail -s unsubscribe pam-list-request@redhat.com < /dev/null
> 

______________________________________________________________
Tom Ryan                                   Voice: 609 225-6361
Systems Programmer                           Fax: 609 225-6487
Rutgers School of Law - Camden



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []