ultrix 4.0 enhanced security
Roland Schemers III
schemers at vela.acs.oakland.edu
Sat Sep 1 04:45:18 AEST 1990
In article <RUSTY.90Aug31102448 at garnet.berkeley.edu> rusty at garnet.berkeley.edu (rusty wright) writes:
>I still can't get su to work with DECwindows; I downgraded the system
>to UPGRADE level by editing the svc.conf file (as suggested by a
>posting from a DEC employee) and it still complains about 'not a
I remember reading in the 4.0 docs that su will ony work from a secure line
in UPGRADE or SECURE mode. Its in Section 3.1.2.2 in the System Management
Volume 1. If you want su to work in UPGRADE or SECURE mode then you
should set the lines as secure in /etc/ttys. Of course this opens up a
HUGE security hole. If you must run in UPGRADE or SECURE mode and use the
su commmand, then you could always write your own modified version of 'su'
and install it. This of course could be another huge security hole.
I think they should have left su the way it was. Making it work only from
a secure line in UPGRADE or EHANCED mode is a hassle. The way I have been
doing it on campus (with Ultrix 3.1) is to make the su command executable only
from the system group. Then only people in the system group can execute su.
I feel normal users shouldn't have to use su anyways. They can just
logout and log back in.
We are currently running 4.0 in BSD mode, so we haven't run into this problem
yet.
Roland
--
Roland J. Schemers III Systems Programmer
schemers at vela.acs.oakland.edu (Ultrix) Oakland University
schemers at argo.acs.oakland.edu (VMS) Rochester, MI 48309-4401
"Get off your LEF and do something!" (313)-370-4323
More information about the Comp.unix.ultrix
mailing list