From owner-freebsd-questions  Mon Jul 19  1:43:58 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from twwells.com (twwells.com [209.118.236.57])
	by hub.freebsd.org (Postfix) with SMTP id D980814C7F
	for <freebsd-questions@freebsd.org>; Mon, 19 Jul 1999 01:43:50 -0700 (PDT)
	(envelope-from news@twwells.com)
Received: from news by twwells.com with local (Exim 1.71 #2)
	id 1168vx-0007KQ-00; Mon, 19 Jul 1999 04:38:01 -0400
From: bill@twwells.com (T. William Wells)
To: freebsd-questions@freebsd.org
Subject: Re: how to watch the root user?
Message-ID: <7muo54$reg$1@twwells.com>
References: <7muhbs$hdn$1@twwells.com> <Pine.BSF.4.05.9907190100020.331-100000@venus.GAIANET.NET>
Date: Mon, 19 Jul 1999 04:38:01 -0400
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In article <Pine.BSF.4.05.9907190100020.331-100000@venus.GAIANET.NET>,
Vincent Poy  <vince@venus.GAIANET.NET> wrote:
:       Ah, sudo or super.  But would they need to login as themself then
: need another password sort of like su before they get the privileges or is
: there a way so they can default login and it has only those commands?

There are such things as "restricted shells", which are supposed
to provide a restricted set of commands and functionality but the
security on those has always been questionable. There may actually
be such a beast which is actually secure but I would not bet money
on it. However, it would be easy enough to whip up a little perl
"shell" to run a set of commands and there may be some menuing
systems that will work for this but you'd have to go looking....


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message