1. disabling su for root on some machines
I'm stuck with the following "security" problem. We are running Solaris
2.5.1 on a SunServer1000, our fileserver called "server". In the
network we have various Solaris 2.5.1, Solaris 2.6, IRIX 5.3, and IRIX
6.2 machines, as well as PC's and Linux machines.
Problem: any user who has root access on her machine (and many do, since
they maintain their own PC's or whatever), can do something like the
local> su -
Password: [assume the user knows this]
# su - otheruser
i.e., that user can become any other user via root on her local machine.
That's a large leak I want to close. How do I do that?
The file systems are exported as follows:
share -F nfs -o rw=sun:sgi:pc,root=server.ws.dlr.de -d "home dirs"
/dev/md/homedirs/dsk/d8 /dev/md/homedirs/rdsk/d8 /home_server ufs2 no rq
Any hints appreciated, if even a pointer to where to look in AB2!!
dr Patrick van der Smagt phone +49 8153 281152, fax -34
P.O. Box 1116, 82230 Wessling, Germany ICQ 10513716
2. running perl as a service?
3. Disable su as root?
4. Flowcharting tool under Unix?
5. differences between su root and su - root
6. RAID setting
7. su root: You do not have permission to su root ?
8. Problem using dip to connect to internet provider
9. Solution: differences between su root and su - root
10. How to disable root SU's from remote sites?
11. su to a user then su to root in startup script
12. su problem -- su: Unknown id: root
13. GNU su (was Re: Preventing SU Root)