Anders wrote regarding '[SLE] chroot a user?' on Sat, Sep 18 at 04:19:
Can I chroot a user to his/her home directory? Or something similar..
I want to block users from snooping around the files on the computer, but they should still have access via path to the standard set of applications that they normally has.
Rather than using a chroot environment, it'd probably be nearly as effective to set permissions a little differently. When I ran a public BSD lab in a school, I made groups for different "classes" of application, then went through and put users into the groups that were appropriate for them. After that, I went through the system and set the permissions for every directory and most files so as to restrict access appropriately. Most everything on the system was mode 750 or 640. It takes a little time to get everything set up that way, but it's pretty effective. Using /etc/permissions.local would be a good start. :) --Danny, noting that ACLs would be a lot handier than messing with a million different groups.