To restrict the execution of /usr/sbin/userhelper to console users on a Linux system, you can use the consolehelper utility.
Here is an example of how to do this:
/etc/security/console.apps/userhelper with the following content:/usr/sbin/userhelper
chmod 600 /etc/security/console.apps/userhelper
/etc/pam.d/su file and add the following line to the top of the file:auth required pam_console.so
This will restrict the execution of /usr/sbin/userhelper to console users only. Any users attempting to execute /usr/sbin/userhelper from a remote login or over a network will be denied access.
Note: This process may vary slightly depending on the specific Linux distribution you are using. You may need to modify the PAM configuration or use a different utility to restrict access to /usr/sbin/userhelper on your system.