root restrictions
John F Haugh II
jfh at greenber.austin.ibm.com
Fri Jun 14 08:40:34 AEST 1991
In article <8439 at awdprime.UUCP> shaggy at kleikamp.austin.ibm.com (David J. Kleikamp) writes:
>In article <1991Jun12.180648.27815 at bnlux1.bnl.gov> como at max.bnl.gov (Andrew T. Como) writes:
>What good is it to restrict root logins to the console if you do allow other
>users to su to root from other TTY's?
It prevents remote attacks against the system. Someone can't dialup your
system and pound away on the modem hoping to get the root password. Even
if they do get the root password, they still can't login.
>Anyway, one way of doing this would be to write your own authentication
>method. I've never done this myself, but you define the authentication
>methods in the /etc/security/login.cfg file.
See an earlier posting f mine where I describe exactly how to do this.
--
John F. Haugh II | I've Been Moved | MaBellNet: (512) 838-4340
SneakerNet: 809/1D064 | AGAIN ! | VNET: LCCB386 at AUSVMQ
BangNet: ..!cs.utexas.edu!ibmchs!auschs!snowball.austin.ibm.com!jfh (e-i-e-i-o)
More information about the Comp.unix.aix
mailing list