# Need help fror blocking normal users from using scp, rsync.

## manu_leo

Hi Experts, 

I need some help in knowing the ways how I can block a normal user from using some commands like rsync, scp, rm and so on. I don't want a user to take anything like the code out of the box using rsync or scp command.

The setup is simple - I have gentoo installed on my Dell server, and all users are configured locallly ( no ldap or radius authentication, just local auth.)

A normal user have access to all commands under /usr/local/bin:/usr/bin:/bin. I want to block usage of some commands from these directories. 

I was thinking of using iptables to accomplish this. Please let me know if there are other ways available to do so.

Appreciate all your help in advance.

----------

## Hu

You could make those commands mode 700 so that only root can run them.  However, if the goal is to prevent a user from getting content off the machine, there are other ways you have not mentioned that would also need to be blocked.  See also DRM shortcomings.

----------

## manu_leo

Thanks Hu, appreciate all your help.

Let me go through the doc and will revert in case of any issues.

Thanks again.

----------

