[comp.unix.admin] Creating limited account.

jc@raven.bu.edu (James Cameron) (04/24/91)

System:  SunOS 4.1.1 on a Sun4/380 server

Problem: I have been asked to create a limited account which has a set
         path, and can only have disk access to two partitions.  Now,
         I am not being told why my boss wants the account set up like
         this.

         My thought is that this is not really possible without some
         serious work, which I don't think is worth it.

Any suggestions?

jc
--
					-- James Cameron  (jc@raven.bu.edu)

Signal Processing and Interpretation Lab.  Boston, Mass  (617) 353-2879
------------------------------------------------------------------------------
"But to risk we must, for the greatest hazard in life is to risk nothing.  For
the man or woman who risks nothing, has nothing, does nothing, is nothing."
	(Quote from the eulogy for the late Christa McAuliffe.)

ronnie@sos.com (Ron Schnell) (04/25/91)

>Problem: I have been asked to create a limited account which has a set
>         path, and can only have disk access to two partitions.  Now,
>         I am not being told why my boss wants the account set up like
>         this.
>
>         My thought is that this is not really possible without some
>         serious work, which I don't think is worth it.
>
>Any suggestions?
>
>jc
>--
>					-- James Cameron  (jc@raven.bu.edu)

Interesting you should mention this.  I was thinking about it a while
ago and came up with a rather simple solution.

Create the user with / as the home directory, and this program as
their shell (setuid to root):

---------------------- CUT HERE ---------------------

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* USER_HOME_DIRECTORY must expand to a string literal, e.g. "/u/testuser" */

int main(void)
{
    int x;

    chdir(USER_HOME_DIRECTORY);
    x = chroot(USER_HOME_DIRECTORY);   /* needs root: the binary is setuid root */
    if (x < 0)
    {
	printf("Error changing root\n");
	perror("tcsh");
	exit(1);                       /* exit nonzero so the failure is visible */
    }

    /* drop root; if this fails we must not go on and hand out a root shell */
    if (setuid(getuid()) < 0)
    {
	perror("setuid");
	exit(1);
    }
    setenv("HOME", "/", 1);        /* This is really USER_HOME_DIR */
    x = execlp("/bin/csh", "csh", (char *) 0);   /* only returns on failure */
    perror("execlp");
    exit(1);
}

------------------- CUT HERE -------------------------

Compile with -DUSER_HOME_DIRECTORY=<the desired home directory>

Then comes the tricky part.  In order to allow the user to run all of
the commands that any other user could run, you NFS MOUNT the local
filesystems for the command directories on the local machine.  This
will also work to give the user access to any filesystem you want.

For example, let's say I want to give "testuser" access to
/u/testuser, and /foobar.  Create the password entry:

testuser::84:15:Test User:/:/usr/local/tcsh

Make the home directory, and the nfs mount points.

% mkdir /u/testuser
% mkdir /u/testuser/bin
% mkdir /u/testuser/usr
% mkdir /u/testuser/etc
% mkdir /u/testuser/usr/bin
% mkdir /u/testuser/usr/ucb (if appropriate)
% mkdir /u/testuser/foobar

Do the nfs mounts (assume the machine is called "moby")
% mount -r moby:/bin /u/testuser/bin
% mount -r moby:/usr/bin /u/testuser/usr/bin
% mount -r moby:/usr/ucb /u/testuser/usr/ucb
% mount -r moby:/etc /u/testuser/etc
% mount moby:/foobar /u/testuser/foobar

(Of course all of these filesystems must be in /etc/exports)

This should work.  Of course we don't want to think about the
performance consequences, but who cares!  The guy is obviously a
lamoid anyway if we want to restrict him/her!

I would be interested in hearing if people think this is utterly
disgusting or not, and if anyone else has tried it.  I call it the
"moby symbolic link".

#Ron
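Added example, not Ron's program or anything from the original thread: a hardened form of the same setuid-root jail wrapper, written as it would be reviewed today. It keeps the idea (chroot into the user's tree, drop root, exec csh) but checks every privileged step, clears supplementary groups and the gid as well as the uid, enters the jail with chroot followed by chdir("/") so the working directory cannot be left outside the new root, verifies that no privilege remains before exec, and hands the shell a fixed environment instead of the caller's. The jail root JAIL_ROOT, the shell path and the PATH value are assumptions chosen for illustration.

```c
#define _DEFAULT_SOURCE
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Assumed values for this example; a real build sets JAIL_ROOT with -D. */
#ifndef JAIL_ROOT
#define JAIL_ROOT "/u/testuser"
#endif
#define JAIL_SHELL "/bin/csh"

/* Drop root completely: supplementary groups, then gid, then uid, in that
   order (once the uid is gone the gid could no longer be changed).
   Returns 0 on success, -1 if any step fails; the caller must then refuse
   to exec, because a partial drop would leave the user a privileged shell. */
int drop_to_invoking_user(void)
{
    uid_t uid = getuid();
    gid_t gid = getgid();
    int ngroups = getgroups(0, NULL);

    /* Only root can clear supplementary groups; with none set there is
       nothing to clear, so do not fail in that case. */
    if (ngroups > 0 && geteuid() == 0 && setgroups(0, NULL) < 0)
        return -1;
    if (setgid(gid) < 0)
        return -1;
    if (setuid(uid) < 0)
        return -1;
    return 0;
}

/* Confirm that no effective privilege is left: real and effective ids must
   match, and a non-root user must be refused when trying to become root. */
int privileges_dropped(void)
{
    if (getuid() != geteuid() || getgid() != getegid())
        return 0;
    if (getuid() != 0 && setuid(0) == 0)   /* must fail with EPERM */
        return 0;
    return 1;
}

/* Enter the jail: chroot first, then chdir("/"), so the current directory
   is inside the new root rather than left behind outside it.
   Returns 0 on success, -1 on any failure. */
int enter_jail(const char *root)
{
    if (chroot(root) < 0)
        return -1;
    if (chdir("/") < 0)
        return -1;
    return 0;
}

int main(void)
{
    /* A minimal, known environment for the jailed shell. */
    char *envp[] = {
        "HOME=/",
        "PATH=/bin:/usr/bin:/usr/ucb",
        "SHELL=" JAIL_SHELL,
        NULL
    };

    if (enter_jail(JAIL_ROOT) < 0) {
        perror("enter_jail");
        return 1;
    }
    if (drop_to_invoking_user() < 0 || !privileges_dropped()) {
        fprintf(stderr, "refusing to start shell: privileges not dropped\n");
        return 1;
    }
    execle(JAIL_SHELL, "csh", (char *) 0, envp);
    perror("execle");   /* only reached if the exec itself failed */
    return 1;
}
```

The two checks that matter most are the ones the short version skips: a failed setuid() must abort rather than fall through to exec, and the chroot must be followed by chdir("/"). The environment is rebuilt from scratch so that nothing the caller exported (a PATH pointing outside the jail, for instance) reaches the shell.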