Thursday, April 3, 2008

AIX Restricted Shell to certain user

#vi /etc/security/login.cfg
* Others Security Attribute
usw:
shells = /bin/sh, .....,/usr/bin/Rsh

#chuser shell=/usr/bin/Rsh john
Now, John can't
- change the current dir
- Change the PATH variable
- Use COMMANd contains slashes
- Redirect standard output (>, >>)

Providing a limited set of commands
To give a limited set of commands to a user, copy the command to /usr/rbin and add /usr/rbin to the user 's PATH