This was posted the other day and I haven't seen any follow-ups by people
either agreeing with or disputing this method. So my question is; This
method seems (on paper) that it would work. Are there any considerations
or situations in which this might cause trouble down the road (or at the
very least "headaches") ? We are running SPARC Solaris 2.3, 2.5, 2.5.1
and 2.6 on 5 separate machines (I know...we're upgrading them all
when 2.6.1 comes out) so assume the question is for all those versions.
Thanks in advance.
----------- Begin Forwarded Message -----------
>Subject: Re: restricting su
>Date: Wed, 13 May 1998 12:26:30 -0500
>Organization: InterAccess Co., Chicago's Full Service Internet Provider
>On Wed, 13 May 1998 11:35:25 +0100, in comp.unix.solaris Scott
>>Basically there is no way of restricting who su's to root under Solaris,
>>you would have to come up with something yourself I guess.
> Actually there is.
>First put the users you want to give su permission to in the
>sysadmin (14) group.
>Change the group of /bin/su to 14 (sysadmin)
>Change the mode of /bin/su to -r-sr-xr-- (chmod o-x /bin/su)
Tom Metzger -> INCOLSA Unix System Administrator -> http://www.palni.edu/~tom
Help Stop Internet Spam! ---> http://spam.abuse.net
Don't Spread That Hoax! --> http://www.nonprofit.net/hoax/hoax.html