View previous topic :: View next topic |
Author |
Message |
manu_leo Guru
Joined: 20 Jan 2014 Posts: 513 Location: India
|
Posted: Mon Mar 02, 2015 3:48 am Post subject: Need help fror blocking normal users from using scp, rsync. |
|
|
Hi Experts,
I need some help in knowing the ways how I can block a normal user from using some commands like rsync, scp, rm and so on. I don't want a user to take anything like the code out of the box using rsync or scp command.
The setup is simple - I have gentoo installed on my Dell server, and all users are configured locallly ( no ldap or radius authentication, just local auth.)
A normal user have access to all commands under /usr/local/bin:/usr/bin:/bin. I want to block usage of some commands from these directories.
I was thinking of using iptables to accomplish this. Please let me know if there are other ways available to do so.
Appreciate all your help in advance. |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21633
|
Posted: Mon Mar 02, 2015 3:59 am Post subject: |
|
|
You could make those commands mode 700 so that only root can run them. However, if the goal is to prevent a user from getting content off the machine, there are other ways you have not mentioned that would also need to be blocked. See also DRM shortcomings. |
|
Back to top |
|
|
manu_leo Guru
Joined: 20 Jan 2014 Posts: 513 Location: India
|
Posted: Mon Mar 02, 2015 4:18 am Post subject: |
|
|
Thanks Hu, appreciate all your help.
Let me go through the doc and will revert in case of any issues.
Thanks again. |
|
Back to top |
|
|
|