Module Name: Author: Bruce Campbell <brucec@humbug.org.au> Maintainer: Author; proposed on 20/11/96 - email for status Management groups provided: account; session; authentication Cryptographically sensitive: Security rating: Clean code base: Unwritten. System dependencies: Network aware: Expects localhost. Overview of module

This module is intended to provide a transparent wrapper around the average user, one that puts them in a fake file-system (eg, their '/' is really /some/where/else).

Useful if you have several classes of users, and are slightly paranoid about security. Can be used to limit who else users can see on the system, and to limit the selection of programs they can run. Account component:

Authentication component:

Session component:

Recognized arguments: Arguments and logging levels for the PAM version are being worked on. Description: Examples/suggested usage: Do provide a reasonable list of programs - just tossing 'cat', 'ls', 'rm', 'cp' and 'ed' in there is a bit...

Don't take it to extremes (eg, you can set up a separate environment for each user, but its a big waste of your disk space.)