Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Sun, 4 Nov 2001 19:39:41 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Sun, 4 Nov 2001 19:39:31 -0500 Received: from garrincha.netbank.com.br ([200.203.199.88]:28426 "HELO netbank.com.br") by vger.kernel.org with SMTP id ; Sun, 4 Nov 2001 19:39:23 -0500 Date: Sun, 4 Nov 2001 22:38:43 -0200 (BRST) From: Rik van Riel X-X-Sender: To: Lonnie Cumberland Cc: Subject: Re: Special Kernel Modification In-Reply-To: <3BE5D6EC.8040204@outstep.com> Message-ID: X-spambait: aardvark@kernelnewbies.org X-spammeplease: aardvark@nl.linux.org MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org On Sun, 4 Nov 2001, Lonnie Cumberland wrote: > I have look into using things like "chroot" to restrict the users for > this very special server, but that solution is not what we need. > My problem is that I need to find a way to prevent the user from > navigating out of their home directories. chroot() will do that pretty well, but if you want more you can always take a look at vserver: http://www.solucorp.qc.ca/miscprj/s_context.hc Not as sophisticated as NSA's selinux, but that also means it's much easier to get security because it's just easier to setup ;) regards, Rik -- DMCA, SSSCA, W3C? Who cares? http://thefreeworld.net/ http://www.surriel.com/ http://distro.conectiva.com/ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/