retricted environment

[Matt]

Max Laier wrote:

>On Tuesday 01 March 2005 21:22, Matt wrote:
>  
>
>>When providing a shell environment for a larger number of users, what is
>>the best way to retrict access to commands/resources?  I've already
>>setup quotas.  I don't want users playing with system commands.  I've
>>read something about a retricted shell, but can't find any details.
>>    
>>
>
>I am not sure a restricted shell is the best sollution for interactive setups, 
>but one is availale from src/contrib/sendmail/smrsh.  See README for usage 
>and build information.  This, however, is more a thing for cvs-wrappers or 
>stuff like that.
>
>For interactive environments you can use the normal group/user permissions and 
>of course jail(8)s.
>
>  
>
Thanks, I'll look at that.  To allow retricted access using 
groups/users, is the normal procedure to remote o+rwx permissions from 
the selected commands/directories?  Hmm.  I thought the kernel secure 
level setting which helped restrict users.  I've much to learn.