[SunHELP] restricting "su" access
Fletcher, Joe
sunhelp at sunhelp.org
Sat Nov 3 08:59:04 CST 2001
FWIW
Tru64 is similar to FreeBSD in the sense that unless you are in group system
you can't su to root.
-----Original Message-----
From: Will Yardley [mailto:william+sun at hq.newdream.net]
Sent: 3 November 2001 10:42
To: sunhelp at sunhelp.org
Subject: Re: [SunHELP] restricting "su" access
Solaris Neophyte wrote:
>
> Ther's something I really like on my FreeBSD box that I haven't seen
> implemented on Solaris.
>
> Only people belonging to the "wheel" on FreeBSD can "su" to root.
>
> Is there anyway to set the same thing up with my Solaris machine?
AFAIK this is only really possible on freebsd, although you could make a
group called 'deny' and add all the users you don't want to su to it...
then chgrp deny /usr/bin/su and chmod 4505 it
even if 'other' has read and write permissions on it, those in the group
'deny' shouldn't be able to access it (that's how it works on most *nix
operating systems anyway from what i've been told).
your mileage may vary.....
w
--
GPG Public Key:
http://infinitejazz.net/will/pgp/
_______________________________________________
SunHELP maillist - SunHELP at sunhelp.org
http://www.sunhelp.org/mailman/listinfo/sunhelp
MetaPack
The Lightwell
12/16 Laystall Street
Clerkenwell
London EC1R 4PF
Tel: +44 (0) 20 7843 6720
Fax: +44 (0) 20 7843 6721
--------------------------------------------------------------------------
This email is confidential and proprietary;
all information contained in it must be used only by the addressee in
accordance with MetaPack's terms of business and non-disclosure agreement.
Disclosure, copying, and distribution to, or use by, anyone other than the
intended recipient is strictly prohibited and may be unlawful.
More information about the SunHELP
mailing list