How to prevent Ubuntu/Debian users from accessing apt-get or downloading from the web, etc?

by insatienne   Last Updated September 22, 2018 00:01 AM

Is it possible to have a user in Ubuntu/Debian that does not have access to synaptic, apt-get, dpkg and cannot even download anything from the Web, but has root privileges otherwise?

Original post (above translated by aimar):

Bonsoir je voulais savoir s'il est possible d'avoir un user avec tous les droits de root et qui ne peux rien télécharger. En fait je cherche à désactiver synaptic, apt-get, dpkg Merci

Answers 2

I'd say your best bet is to remove the binaries that you don't want your root user to use (wget, apt-get, etc).

However this can break some system fuctionnalities because some applications assume you have a functionnal wget, dpkg, etc. And, well, as long as it's root, and even with no internet connection, he can insert a cd and recopy the binaries...

April 21, 2011 21:09 PM

Downloading from the web can be blocked using the firewall settings of Linux (iptables).

As for root - if you want to only provide access to specific commands as root then you would be best off using sudo to grant specific users access to specific commands.

April 21, 2011 21:12 PM

Related Questions

Unable to remove package on Debian 7

Updated January 11, 2018 01:01 AM