[mdlug] Read-Only access to entire system
Mark Kimsal
mark at metrofindings.com
Thu Jan 8 16:48:09 EST 2009
You could jail the user and restrict them to only their home directory. Then
you could copy in binaries and libraries for just the commands you want them
to do.
You could also put their home directory on a read-only partition, but you'd
have to limit their access to the rest of the system with some sort of chroot
jail.
Also, i think you can auto-mount an NFS directory upon login to another
machine, possibly restricting write access when doing the nfs mount.
But, i really don't think there's a flag or group setting that will just
say "don't allow write access to the hard drive anywhere". Perhaps a shell
account is the wrong approach all together? Maybe a VNC/RDP session with no
keyboard/mouse control ? (just throwing out ideas)
On Wednesday 07 January 09, gib at juno.com wrote:
> Can I set up a user ID that has read-only access to the entire system?
> ____________________________________________________________
> Learn about VA loan programs and benefits. Click now.
> http://thirdpartyoffers.juno.com/TGL2131/fc/PnY6rbuptyp86CMNbAwSjJ923G4yfjg
>CuwKzl3DBMaGFj4fUFWlik/ _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug
--
***************************************************************************
Electronic Mail is not secure, may not be read every day, and should not be
used for urgent or sensitive issues.
Mark Kimsal
http://biz.metrofindings.com/
fax: 866-375-1590
More information about the mdlug
mailing list