create a restricted user
Robert Storey
y2kbug at ms25.hinet.net
Sun Feb 6 01:18:37 UTC 2005
On Sun, 6 Feb 2005 01:28:50 +0100
Zacharie Elcor <zelcor at gmail.com> wrote:
> I want to create a restricted user without password that can only use
> a web browser.
> I added a user named "visitor" and created in his home dir a file
> .xsession that contains:
>
> firefox
>
> so that when he logs in, firefox is launched, and when he closes
> firefox, he is logged out.
> This works fine but he is still able to ctrl+alt+F(1-6) and log in to
> browse the file system.
>
> To prevent that, I tried to set /bin/false as the default shell for
> that user in /etc/passwd but this also prevented him to log in
> graphically.
>
> Is there a way to be sure that "visitor" will only be able to browse
> the web and not the file system ? any security issues ?
>
> Thanks for help
A relatively way to do this would be to use rbash (or "bash -r") as the
user shell. For details, see "man bash" and search on the word
"restricted".
cheers,
Robert
More information about the fedora-list
mailing list