Very Computer

Hello,
  I have a quick question.  We are interested in setting up a restricted
UNIX command shell for a few of our customers.  We would like a shell
that gives our users access to their home directories (and below), as
well as the ability to run programs specified in their path.  We would
not like them to be able to see or move outside their home directory, or
change their PATH environment variable.  Has anyone done this before?
If so how?  We have looked at quite a few things, and running 'sh -r'
doesn't givce the desired effect.

Thanks for any help,
Ben Gavin

Hi Ben

It's easy to do, but why suppress people? Isn't it a nice thing,
if someone has some more interests in useing unix, than just copy
some files within the homedirectory? You can easily close some
directories which you do not want to be used by users.
If they should not run certain programs, than one can also
restrict their usage. Unix provides the group attribute for
such purposes. One can put someone into a secondaray group, so
that he has additional access for an otherwise closed directory.

Bye, Per.
---------------------------------------------------------------------
Per Kistler
Programmer (Unix/Perl/C++)

http://www.erdw.ethz.ch/~kistler
Institute for Isotope Geology and Mineral Resources, ETH, Switzerland
---------------------------------------------------------------------

There was one shell known as restricted shell, I dont remmeber exactly
what it is .. rsh says that it is a remote shell, but I remember
longtime back using it as a restricted shell. I myself am curious to
know about this.

--

-srinu-

Quote:>There was one shell known as restricted shell, I dont remmeber exactly
>what it is .. rsh says that it is a remote shell, but I remember
>longtime back using it as a restricted shell. I myself am curious to
>know about this.

HTH,
Rob.

--

W3:                                       http://www.flnet.nl/~0wolfram01
=========================================================================
L I N U X :   T H E   C H O I C E   O F   A   G N U   G E N E R A T I O N
=========================================================================
Micro$oft is not the answer; Micro$oft is the question. The answer is NO.
=========================================================================