Answer the question
In order to leave comments, you need to log in
How to limit the user's rights?
Hello. A rather non-trivial task has appeared.
It is necessary to allow some users to download php, python, ruby scripts to a certain folder and run them from there. You can restrict visibility using chroot. Everything is clear here. But how to forbid them, for example, to reboot the server from the script? Is it possible to somehow limit everything that is possible with user rights, leaving only the ability to run the scripts themselves without any consequences for the server?
I hope I explained clearly. Thanks in advance.
Answer the question
In order to leave comments, you need to log in
Here, no chroot is needed, but a properly configured jailkit.
Run the execution of scripts with the rights of a specific user -
after all, exactly what you create and nothing more will be available under the root.
I mean, for example, in order for shutdown to work in kchrute, there should be / sbin / shutdown and similarly for other commands.
You can, of course, disable dangerous functions in the php / ruby settings themselves, but then problems with scripts may arise.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question