I'm using Ubuntu 10.04. I would like to create a new account, for other people using my computer. I would like my guest to have access to Internet, text editor and other application installed on my computer without having access to my data (and obviously system settings).
I have added a user "guest" using graphic interface (System -> Administration -> Users and groups). My guest has now access to the application, but not full – wine and VirtualBox are empty (wine has only wine notepad, on VirtualBox there is no virtual machine installed). Internet and chat are fine, but "guest" has the access to anything in the computer via terminal, and I would like to keep him in his guests home (there are a lot of people using my computer, not all of them I know well).
I have found on http://www.ubuntu.pl/ how to change user's privileges via terminal and I'm wondering if the command chmod -vR --preserve-root 700 /home/maria
is fine?
/home has two directories: guest and maria.
And how to ensure for my guest the access to applications installed on wine and VirtualBox without installing it once again?
This is an output for guests groups:
guest@marysia-ubuntu:~$ groups
guest adm dialout fax cdrom floppy tape dip video plugdev fuse nopasswdlogin
guest@marysia-ubuntu:~$
And this for marias groups:
maria@marysia-ubuntu:~$ groups
maria adm dialout cdrom plugdev lpadmin admin sambashare guest
maria@marysia-ubuntu:~$
Best Answer
If you're only worried about other users being able to see your files, run
chmod -R o-rwx /home/maria. It revokes all permissions to the world (including guest).guestdoes not belong to the admin group, which means he cannot run commands as other users (like root) through sudo (OK)As noted by Takkat, anyone who has physical access to the machine could gain access to the files. The only way to protect you from that is encrypting the drive. If you put a BIOS password on the machine, the visitor can take out the HDD from it.