Is it possible to prevent any user to not use commands like ls, rm and other system commands which could harm the system. But the users should be able to execute shell programs.
Linux – How to restrict the users’ shell allowing to execute shell programs
linuxscriptingshell
Best Answer
Your question should be:
I don't trust my users. The dumb ones see something on the internet and try it out without understanding what it does. The devious ones like to snoop around and look at other peoples files and steal their ideas. And the lazy, don't get me started on the lazy ones.
How do I protect my system and my users from my users?
First, unix has very a very comprehensive filesystem permissions system. This seems to be a decent tutorial on unix filesystem permissions. The gist of this is that directories can be set such that a user can go into a directory and can run programs out of that directory but can't view the contents of that directory. If you do this, for example, on /home, if the user runs ls on /home, they get a permission denied error.
If you're really scared of your users and want to stick them in a supermax type of restricted environment, use something like freebsd's jails or solaris's zones -- each user gets their own tailor made environment. For added points use ZFS so you can take a snapshot of the environment when they log in so if they delete their files you can just pull them out of the snapshot.