limiting commands to directories

ccdrt at ccdrt at
Sat Aug 31 01:28:31 EDT 2002

How about ACL....

Matthew Hannigan wrote:

> Clift Robert T CONT DLVA wrote:
>> All,
>>     I want to be able to limit the directories where commands can be
>> applied. In other words, I want my users to only be able to "chmod" in
>> /local/develop. Thanks in advance,
> Sudo doesn't do restrictions.
> You could write a limited version of chmod, and only let them run
> that, (hide/change permissions on the real chmod) but that still
> wouldn't need the involvement of sudo.  And it would be a lot of
> hard to maintain stuff.
> And anyway, they could still write their own chmod command in C,
> or perl, or python or's not hard.
> If you cared to restate your problem, maybe I could help a little
> more.  What I think you might need is what's known as MAC --
> mandatory access control, and that just doesn't come in any
> standard commercial operating system.  There might be Linux
> kernel modifications / modules to do it though.
> Matt
> ____________________________________________________________ 
> sudo-users mailing list <sudo-users at>
> For list information, options, or to unsubscribe, visit:

More information about the sudo-users mailing list