[Sunhelp] Preventing users from suing to root
Leon Halford - Open Systems Solutions Ltd
leon.halford at opensolutions.co.uk
Thu Dec 9 18:17:55 CST 1999
Use the PAM interface in Solaris 2.6+ (man pam or man pam.conf).
There are numerous PAM examples of "wheel" group restrictions to "su"
floating around the internet (from memory I believe there's one mentioned in
the Solaris 2.x FAQ).
Compile the example source and install in /usr/lib/security.
The PAM solution is a bulletproof policy restriction (much better than
removing pemissions for world from the su binary)
If you cant find an example, I'll dig up the source (or binary) and mail it
to you.
Leon Halford
-----Original Message-----
From: sunhelp-admin at sunhelp.org [mailto:sunhelp-admin at sunhelp.org]On
Behalf Of Sean Heshmati
Sent: 09 December 1999 22:22
To: sunhelp at sunhelp.org
Subject: [Sunhelp] Preventing users from suing to root
How do I prevent users from su'ing to root on a solaris 2.6 system
utilizing the root group?
Thanks you
Sean Heshmati
Cellnet Data Systems
_______________________________________________
SunHELP maillist - SunHELP at sunhelp.org
http://www.sunhelp.org/mailman/listinfo/sunhelp
More information about the SunHELP
mailing list