On Mon, Feb 02, 2004 at 01:58:20PM -0600, Rick Weinbender wrote: > The user needs access to /home directory and everything > below it, but not anything higher in the tree.
If the groups approach elsewhere in the tree proves too unhandy, you might want to investigate into the kernel patches that flexibilize the traditional UNIX access control policy. RSBAC is one I have tried briefly. It would do the job, though I have not gone into it deeply enough to recommend or not to recommend it. > (I've heard something about chroot doing this, but haven't > tried it. What's recommended?) You could do something like ``chroot /home'', but as rootshells go, escaping the jail would be trivial, AFAIK. HTH. -- Jan Minar "Please don't CC me, I'm subscribed." x 9
pgp00000.pgp
Description: PGP signature
