Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 7 years ago.
Improve this question
Suppose i create a new user TEST in ubuntu and i need to block all commands except cp,ssh,exit.Please help me.i am new to linux.
Alternatively, consider using some restricted shell like rbash which you might set up as the user's login & ssh shell (use chsh and/or configure his/her's ~/.ssh/config); of course set up the PATH appropriately, it might contain a single ~/bin/ directory containing symlinks to /bin/cp, /usr/bin/ssh, etc. You might want to make ~/bin/ not owned and not writable by the user.
Be careful: if your user is more experimented than you are, you might leave some holes that he/she would be able to exploit. Make it also a social/contractual issue, by at least explicitly forbidding (in words) things.
You might also want to learn more about chroot and/or setuid; see also the references in this answer.
Notice that if your user gets ssh, he is likely to get scp and be able to hack his account (e.g. by adding executable files into his ~/bin/ ....)
I think you need to create a new group in which you set all the commands you want to use and add your TEST user to this group.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 2 years ago.
Improve this question
I'm new to Linux and I'm wondering if I can create custom Linux commands:
For Example
LearningPhase1 cpu getinfo
To show similar output as we get from lscpu command
LearningPhase1 memory getinfo
to get memory information of my Computer
Also, I want to know if I can create new user using my own custom command
LearningPhase1 user create <username>
To create new user
LearningPhase1 user list
To get all the users of my computer
LearningPhase1 user list --sudo-only
To get the users with sudo permissions
This is my question on stackoverflow.
Any Link, Material, or Help regarding this will be much appreciated.
Please Help me in Learning more about these things.
Linux shells looking for programs which are stored in Specific Locations and if there is a program named LearningPhase1, they execute it as command.
you have to write your program and put its binaries or its code (if its interpreted) in those specific location.
you can view those specific locations with this:
echo $PATH
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
I have a program that prompts for a PIN before performing particular actions. The PIN is stored, encrypted, in a local config file along side the executable binary. User enters PIN, program decrypts and compares to the stored value, if they are equal, ok, if not etc.
I'm aware this kind of security check could potentially be circumvented with forensic tools that alter the binary, in affect, changing the '==' to '!=' in the right place to make all the wrong PIN's pass the test in my example.
This may be a stupid question, as I know from the first 2 minutes of googling it's a big and challenging topic, but I still thought I should start with checking on features of the language/compiler I'm actually using first. So, are there any features natively available with Go to make this kind of attack harder to successfully perform?
No, there is nothing remotely like this in the official go compiler or standard library.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
Is it possible to create an user, just like the useradd command does, inside a system call on Linux kernel?
I saw somewhere that syscalls cannot use the exec family, is it true?
Inside the kernel, users are identified by their ID (a number), and this is the only information that the kernel knows about a user.
As far as the kernel is concerned, users do no need to be created: to make a process have a different user, just call setuid() with a different number.
The mapping between user IDs and other information (name, home directory, etc.) is done entirely in user space. And that the user information is stored in files like /etc/passwd is just a convention; there are systems that use users differently (e.g. Android gives each app its own user ID).
If you really want to execute a user-mode program, call call_usermodehelper().
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I'm looking for a way to correct bash commands if they have been misspelled.
Let's say you have installed a program called "FooBar" but you type "foobar" (or foo bar or FOOBAR or foebar) in your shell. Is there any way to check if something similar to what you are looking for exists in your PATH?
I'm thinking about writing a bash script that normalizes user input and uses the Levenshtein distance algorithm to check what they have typed against anything in PATH. But maybe there's already something is written out there or a better way to accomplish this task.
Any suggestions?
If you problem is case-sensitivity only, then you can switch this off in the readline configuration by the following:
echo "set completion-ignore-case On" >> ~/.inputrc
However, if you are seeking for some clever mechanism to execute similar commands (by using fuzzy logic for example) I'll not recommend to use such tool in a command-line since it could be very dangerous.
Imagine what could happen for example in commands like rmv? is it rm or mv? .. only the user can answer this question.
Note: This may be useful if you are running a Cygwin env where case-sensitivity is not a problem. In Linux commands are case sensitive. So switching this functionality off is not a good idea.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I am new to LINUX. This question sounds simple and stupid, but I suppose this has a lot of meaning behind it. "HOW COMMANDS ARE PROCESSED IN LINUX?". Which means suppose if I give ls command,what makes it to display list of all files inside the directory?. I have been searching for the answer, and I could not find any clear explanation for the same. Please help me to solve the same.
I'm new too. But I can answer this in a top level.(not too many details).
Everything in Linux is file, which means that the ls is also a file. You can type which ls
and you can see the file's location.
So, a command is a file, when you type and Enter, the system will search for the file in your PATH and execute it. When the file is executed, it will talk with the kernel and tell the kernel what resources it wants to use, and then the kernel will talk with the real hardware and let the computer do the work.
Some commands are shell keywords or shell builtins, so the shell (the program that accepts your commands) recognizes and processes them directly. Many other commands are executable programs found in the path; so, for example, if you enter ls, an executable called ls is executed (usually found in /bin, many commands cann be found in /usr/bin/). A command could also be an alias for another command.
You can use type command to find out what kind a command is, e.g.
type ls.