28 Jan
2004
28 Jan
'04
20:25
1.- created a .bashrc fila with a logout on the first line for all users (Just one) 2.- Change shell to bash for all this users. 3.- chown root .bashrc 4.- chmod 555 .bashrc
And there you go!
Do you find a hole on that? Yes ... user can still remove it, because he owns his home directory and has therefore delete rights. You COULD set the permissions like in /tmp (1755), but I ask myself, why you don't use scponly or rssh as shell, as I suggested? They are designed for your purpose. No clumsy scripts and permissions necessary!
Markus -- __________________ /"\ Markus Gaugusch \ / ASCII Ribbon Campaign markus(at)gaugusch.at X Against HTML Mail / \