| 1 |
On Sunday 11 January 2009, Mike Kazantsev wrote: |
| 2 |
|
| 3 |
> If blocking every possible user is too much trouble or you wish to |
| 4 |
> block just firefox, but not wget to http port for _all_ users (not the |
| 5 |
> same case as emerge from root) you can write a simple SUID wrapper for |
| 6 |
> firefox binary, which changes group to restricted one (but leaves uid |
| 7 |
> and home unchanged), |
| 8 |
|
| 9 |
Is this like creating a symlink to the original FF binary which you have moved |
| 10 |
somewhere else? Can you please explain? |
| 11 |
|
| 12 |
> then launches true firefox binary, to which only |
| 13 |
> that group has access. |
| 14 |
-- |
| 15 |
Regards, |
| 16 |
Mick |
Archives