How to Setup a Secure Guest Account [was] Password-protecting fedora.

Ow Mun Heng ow.mun.heng at wdc.com
Wed Mar 10 03:05:39 UTC 2004 

> -----Original Message-----
> From: Bevan C. Bennett [mailto:bevan at fulcrummicro.com]
> 
> Ow Mun Heng wrote:
> > 
> >>-----Original Message-----
> >>From: Matt Morgan [mailto:matt.morgan at brooklynmuseum.org]
> >>
> >>I was talking about gdmflexiserver. In case it wasn't clear 
> >>from the part
> >>where I said "But I forget what it's called," I couldn't 
> >>remember what it
> >>was called :-). Fortunately a few other people wrote in about 
> >>it as well.
> >>
> >>Yes, there are lots of ways to have more than one account 
> >>loged into Unix
> >>at the same time. Score one for Bjorn. gdmflexiserver makes 
> it really
> >>easy, is the main reason I mentioned it. I thought it might help the
> >>original poster, who was looking for a way to give people 
> >>access to the
> >>computer without them seeing his mail. The combination of a 
> >>guest account
> >>with a new login via gdmflexiserver would probably be the 
> >>fastest/safest
> >>way to so what he wants.
> > 
> > <SNIP>
> > Talking about guest users. ANyone has any pointers on how, 
> > specifically to create a guest user? I mean, it must just be 
> > able to perform/access _normal_ stuffs (eg: web browsing, office
> > etc) and not have access to anything else?
> > 
> > Main keyword here I guess is _very_limited_access. Even more
> > restrictive than normal users.
> 
> You can chgrp all the things in /usr/bin (or elsewhere) that 
> you don't 
> want guests using to a new group "real_users", then chmod 
> o-rwx on them 
> all. Add all your 'non-guest' users to the real_users group 
> so they can 
> continue to use them. This isn't strictly considered neccessary, as 
> normal users can't mess up system files, and normal users (if 
> properly 
> configured) won't be allowed to see or edit each other's files either.

Wow.. That's a real pain. Luckily I'm the only person using this 
laptop

> 
> > (since I presume that the user/password combo would be guest/guest)
> 
> The name and password for any user are whatever you want them to be.

That's not actually a question. more like a statement. Oh well..

Thanks

More information about the users mailing list