How to create a user with access to selected applications installed in the system and read/write permission to only one directory in the file system?
Say, for example, one wants to create a user dummy
with read and write access to only the directory /home/dummy
and nowhere else. Also, dummy
would be able to use the firefox
browser and a TeX
application like kile
or texstudio
, and no other applications installed on the system is accessible to dummy
. Can this be achieved?
If it is not possible for the applications, can the part of restricting directory be done?
Update
The least property needed:
/home/user1
can't read /home/user2
By default user creation read access is not restricted.
You can do this, but you probably don't want to. Most operating system functions (listing files, checking for wifi APs) rely on binaries or libraries in /usr/bin or /lib and on configuration files in /etc. If you deny read access to those things, those functions will break. Ditto programs like a browser or kile and texstudio. You'll spend ages debugging which specific files you need to grant access to to have your programs work.
If you just want to deny a user access to any other User's home directory, you can simply run
chmod o-rwx /home/username
, which basically means remove read, write and execute permissions to the /home/username for all users except the owner (or users in the file group). If you just want it to be the owner and not the file group, useu-rwx