[Wolves] Locking own an SSH login
theology at gmail.com
Sat Feb 28 10:54:56 UTC 2009
2009/2/27 Adam Sweet <adam at adamsweet.org>:
> The idea is that I only want to allow the user to run commands provided
> in the home directory,
One extra thing is to set their initial login directory to some
directory (e.g. /Users/adam) and then make their real home directory
(/home/adam) unwritable to them. Then the user cannot (purposely or
accidentally) copy up dot files that override your setup.
A proper chroot jail with limited utils is the way to go though if you
really don't know what they are going to do.
More information about the Wolves