Creating limited account.

Ron Schnell ronnie at sos.com
Thu Apr 25 11:02:16 AEST 1991


>Problem: I have been asked to create a limited account which has a set
>         path, and can only have disk access to two partitions.  Now,
>         I am not being told why my boss wants the account set up like
>         this.
>
>         My thought is that this is not really possible without some
>         serious work, which I don't think is worth it.
>
>Any suggestions?
>
>jc
>--
>					-- James Cameron  (jc at raven.bu.edu)

Interesting you should mention this.  I was thinking about it a while
ago and came up with a rather simple solution.

Create the user with / as the home directory, and this program as
their shell (setuid to root):

---------------------- CUT HERE ---------------------

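#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* USER_HOME_DIRECTORY comes from the compiler command line and must
   expand to a quoted string, e.g. -DUSER_HOME_DIRECTORY='"/u/testuser"' */

int main(void)
{
    /* Enter the new root first so the cwd is inside it after chroot() */
    if (chdir(USER_HOME_DIRECTORY) < 0 || chroot(USER_HOME_DIRECTORY) < 0)
    {
        printf("Error changing root\n");
        perror("tcsh");
        exit(1);
    }

    /* Give up root before running anything on the user's behalf */
    if (setuid(getuid()) < 0)
    {
        perror("setuid");
        exit(1);
    }
    setenv("HOME", "/", 1);        /* This is really USER_HOME_DIR */
    execlp("/bin/csh", "csh", (char *)0);
    perror("csh");                 /* only reached if the exec failed */
    return 1;
}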

------------------- CUT HERE -------------------------

Compile with -DUSER_HOME_DIRECTORY=<the desired home directory>

Then comes the tricky part.  In order to allow the user to run all of
the commands that any other user could run, you NFS MOUNT the local
filesystems for the command directories on the local machine.  This
will also work to give the user access to any filesystem you want.

For example, let's say I want to give "testuser" access to
/u/testuser, and /foobar.  Create the password entry:

testuser::84:15:Test User:/:/usr/local/tcsh

Make the home directory, and the nfs mount points.

% mkdir /u/testuser
% mkdir /u/testuser/bin
% mkdir /u/testuser/usr
% mkdir /u/testuser/etc
% mkdir /u/testuser/usr/bin
% mkdir /u/testuser/usr/ucb (if appropriate)
% mkdir /u/testuser/foobar

Do the nfs mounts (assume the machine is called "moby")
% mount -r moby:/bin /u/testuser/bin
% mount -r moby:/usr/bin /u/testuser/usr/bin
% mount -r moby:/usr/ucb /u/testuser/usr/ucb
% mount -r moby:/etc /u/testuser/etc
% mount moby:/foobar /u/testuser/foobar

(Of course all of these filesystems must be in /etc/exports)

This should work.  Of course we don't want to think about the
performance consequences, but who cares!  The guy is obviously a
lamoid anyway if we want to restrict him/her!

I would be interested in hearing if people think this is utterly
disgusting or not, and if anyone else has tried it.  I call it the
"moby symbolic link".

#Ron
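
Added example, not part of the original post: the command directories mounted into the jail normally contain set-uid programs, which keep their owner's privileges inside the chroot unless the mount disables them (the `nosuid` option where supported). The auditor below walks a jail root such as /u/testuser and lists set-id programs and device nodes; `audit_jail` and `struct jail_audit` are names made up for this example.

```c
#define _XOPEN_SOURCE 700
#include <dirent.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>

/* Counts of entries found under the jail root (hypothetical names). */
struct jail_audit { int setid; int devices; };

/* Walk `dir` without following symlinks; print and count set-id programs
   and device nodes.  Returns 0, or -1 if something could not be read. */
int audit_jail(const char *dir, struct jail_audit *out)
{
    DIR *d = opendir(dir);
    struct dirent *e;
    int rc = 0;
    if (d == NULL) { perror(dir); return -1; }
    while ((e = readdir(d)) != NULL) {
        char path[4096];
        struct stat st;
        int n;
        if (!strcmp(e->d_name, ".") || !strcmp(e->d_name, "..")) continue;
        n = snprintf(path, sizeof path, "%s/%s", dir, e->d_name);
        if (n < 0 || n >= (int)sizeof path || lstat(path, &st) < 0) {
            rc = -1;                       /* unreadable or over-long path */
            continue;
        }
        if (S_ISREG(st.st_mode) && (st.st_mode & (S_ISUID | S_ISGID))) {
            printf("set-id program: %s\n", path);
            out->setid++;
        } else if (S_ISCHR(st.st_mode) || S_ISBLK(st.st_mode)) {
            printf("device node:    %s\n", path);
            out->devices++;
        } else if (S_ISDIR(st.st_mode) && audit_jail(path, out) < 0) {
            rc = -1;                       /* recurse into real directories */
        }
    }
    closedir(d);
    return rc;
}

int main(int argc, char **argv)
{
    struct jail_audit a = {0, 0};
    if (argc != 2 || audit_jail(argv[1], &a) < 0)
        return EXIT_FAILURE;
    return (a.setid || a.devices) ? 2 : EXIT_SUCCESS;
}
```

Run it against the jail root after the mounts are in place; exit status 2 means at least one set-id program or device node is reachable from inside the jail.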



More information about the Comp.unix.admin mailing list