Guest Account, Local Only
Beartooth
Beartooth at swva.net
Mon Jan 28 17:41:18 UTC 2008
On Fri, 25 Jan 2008 06:46:33 +0100, Cyberiade.it Anonymous Remailer wrote:
> I'm interested in setting up a guest account on my Ubuntu Gutsy system
> for local use only. Meaning, friends could have a username for one
> account to share, use all of the local devices, CDROM, floppy, USB, etc.
> and Internet, but with one condition:
>
> No access to the normal user's directories and above ~/home directories.
>
> The normal user being the one with the password to do sudo commands.
>
> Would there be a simple step-by-step how-to on performing this? Would
> there be any disadvantages to doing this?
We keep a laptop in the guest room, mainly for use as a loaner to
house guests. I set up a user for each. When I bruited this about on my
favorite LUG, I was warned that accounts getting little use were a
favorite approach among crackers.
So I set up various defenses. Chief among them is that I, as
root, keep all the guest login shells set to /sbin/nologin, and only
switch that to /bin/bash while a given guest is here.
That is under Fedora 8. The comparable app in Ubuntu 7.10 seems
to run "gksu users-admin," and not to have the /sbin/nologin option; but
there is an option under Properties > Advanced called called /bin/false.
No doubt someone here can tell us if the effect is indeed the
same.
--
Beartooth Staffwright, PhD, Neo-Redneck Linux Convert
Remember I know precious little of what I am talking about.
More information about the ubuntu-users
mailing list