I want to create a user in such a way that he/she cannot execute any file
I'm using Ubuntu 11.10
I tried chmod 700 /bin/sh + /bin/chmod as root
in this way is there any way or any possibility that users can execute files ?
Can anyone provide me some step-by-step instructions please?
Set the umask property of the user to 113.
The user file-creation mode mask (umask) is use to determine the file permission for newly created files. It can be used to control the default file permission for new files. It is a four-digit octal number. A umask can be set or expressed using Octal values
Calculate umask for any user as follows :
The octal umasks are calculated via the bitwise AND of the unary complement of the argument using bitwise NOT. The octal notations are as follows:
Octal value : Permission
0 : read, write and execute
1 : read and write
2 : read and execute
3 : read only
4 : write and execute
5 : write only
6 : execute only
7 : no permissions
if you want to restrict your newly created user from executing any file, set his umask to 113( it means he can only read and write the file, his group can only read and write the file while anybody else can only read the file)
The default umask of any user in linux is 002 and for root user is 022.
You can default umask for any user like this:
1) open /etc/profile
2) modify the following line "umask 022" according to the default permissions you want to give to your user.
Check the man page of umask for further reference
man umask
