binary execute restrictions
Lowell Gilbert
freebsd-questions-local at be-well.ilk.org
Tue Jan 13 18:04:06 PST 2004
Charles Swiger <cswiger at mac.com> writes:
> On Jan 12, 2004, at 9:52 PM, Jefferson San Juan wrote:
> > How do I restrict normal users from executing their own compiled
> > executable
> > binary files?
>
> Give them a "restricted shell" which limits the commands they can run
> to ones you specify. See "man zshall" for one example, although other
> restricted shells exist which might come closer to what you want than
> ZSH particularly:
I suspect that a restricted shell isn't going to be appropriate in
this case. Restricted shells are useful for avoiding shooting
yourself in the foot, but they're really not intended to be secure.
More information about the freebsd-questions
mailing list