Board index Linux Security

Limited Account

Limited Account

Post by Allan Wes » Thu, 18 Oct 2001 20:04:18



I'd like to create some accounts in RHL 7.1 that are very restrictive.  Only
allowing a user to run a few commands like ping traceroute and exit.
How can I stop a user running any other command or changing the path,
viewing files etc.
Also where can I read a bit more about how user access is restricted granted
on shell commands etc.

TIA
Allan

 
 
 
Top

Limited Account

Post by Kasper Dupon » Thu, 18 Oct 2001 20:15:48



> I'd like to create some accounts in RHL 7.1 that are very restrictive.  Only
> allowing a user to run a few commands like ping traceroute and exit.
> How can I stop a user running any other command or changing the path,
> viewing files etc.
> Also where can I read a bit more about how user access is restricted granted
> on shell commands etc.

Perhaps a good start would be to make a chrooted account.
You can let the users shell be an executable that will
chroot to a particular directory, then chdir("/") and
finally execute a real shell.

--
Kasper Dupont

 
 
 
Top

Limited Account

Post by Kasper Dupon » Thu, 18 Oct 2001 20:37:47




> > I'd like to create some accounts in RHL 7.1 that are very restrictive.  Only
> > allowing a user to run a few commands like ping traceroute and exit.
> > How can I stop a user running any other command or changing the path,
> > viewing files etc.
> > Also where can I read a bit more about how user access is restricted granted
> > on shell commands etc.

> Perhaps a good start would be to make a chrooted account.
> You can let the users shell be an executable that will
> chroot to a particular directory, then chdir("/") and
> finally execute a real shell.

If you also make the users home directory owned by root
and not writeable by anybody else you should be very safe.
It could look like this:

drwxr-x--- 3 root chroot 1024 Oct 17 13:29 /home/chroot

Then use the program below as the users shell, it need to
be suid root but it only needs to be executable by the
chroot user:

-rwsr-x--- 1 root chroot 3664 Oct 17 13:26 chrootshell

I guess it would be safest to place this executable
outside the chrooted environment. Here is the code I
came up with, can anybodu spot any problems in these
lines?

#include <stdio.h>
#include <unistd.h>

static char * ENV[] =
{ "HOME=/", "PATH=/bin", "SHELL=/bin/sh", "TERM=linux" };

int main(int argc, char ** argv)
{
  if (chdir("/home/chroot")||
      chroot(".")||
      chdir("/")) return 1;
  setuid(getuid());
  argv[0]="/bin/sh";
  execve(argv[0],argv,ENV);
  perror(argv[0]);
  return 1;

Quote:}

--
Kasper Dupont
 
 
 
Top

1. Creating limited account.

System:  SunOS 4.1.1 on a Sun4/380 server

Problem: I have been asked to create a limited account which has a set
         path, and can only have disk access to two partitions.  Now,
         I am not being told why my boss wants the account set up like
         this.  

         My thoughts is that this is not really possible without some
         serious work, which I don't think is worth it.  

Any suggestions?

jc
--

Signal Processing and Interpretation Lab.  Boston, Mass  (617) 353-2879
------------------------------------------------------------------------------
"But to risk we must, for the greatest hazard in life is to risk nothing.  For
the man or woman who risks nothing, has nothing, does nothing, is nothing."
        (Quote from the eulogy for the late Christa McAuliffe.)

2. Want to look inside a RedHat Kernel

3. login.class and accounting limits

4. Pseudo tty ?

5. How do I limit the size of a home account?

6. Can I resize /tmp?

7. 8 char account limits?

8. System.map Missing

9. account limit by time

10. Limiting an account to console access

11. Limited system accounting

12. Limiting Access to Service Accounts with SU

13. Linux user accounts, is there a limit?


All times are UTC
Board index