On 03/31/2011 08:44 PM, Dick Kniep wrote:
Hi list,
Reading all comments on my stone in the pond I still think it is not really clear what the problem is (and my proposed solution)
I do not want to secure the entire server. I only want a door that can be locked. So I allow a user to use the terminal. Okay he is allowed to use the terminal and so he can do anything he likes. No problem.
Or I say on the server the user may only use program XYZ. XYZ starts and that is all. If XYZ deletes my system that is Okay by me. The user had access to that program and that is it.
This can be enforced by my simple solution. From the client a command is sent, say "Start terminal". Then in the wrapper, the user is matched with the command and if the match exists, the command is allowed and is executed. If not, the request is rejected.
Maybe this can be achieved also by apparmor, but it looks to me that apparmor is intended to secure the entire system which is really not what I want. (Or maybe I am mistaken because of lack of knowledge of apparmor)
Dick Kniep
It looks like you want an "authorization" solution. And that is what functionality like "sudo" is meant for. You make your users members of a certain group and then give that group rights to only specific executables. If they try to execute anything else, the command will fail.
Regards, Gerry