[SunHELP] restricting "su" access
Will Yardley
sunhelp at sunhelp.org
Sat Nov 3 04:42:07 CST 2001
Solaris Neophyte wrote:
>
> Ther's something I really like on my FreeBSD box that I haven't seen
> implemented on Solaris.
>
> Only people belonging to the "wheel" on FreeBSD can "su" to root.
>
> Is there anyway to set the same thing up with my Solaris machine?
AFAIK this is only really possible on freebsd, although you could make a
group called 'deny' and add all the users you don't want to su to it...
then chgrp deny /usr/bin/su and chmod 4505 it
even if 'other' has read and write permissions on it, those in the group
'deny' shouldn't be able to access it (that's how it works on most *nix
operating systems anyway from what i've been told).
your mileage may vary.....
w
--
GPG Public Key:
http://infinitejazz.net/will/pgp/
More information about the SunHELP
mailing list