su Security

rgenter at j.bbn.COM
Thu Feb 5 13:29:11 AEST 1987


A program to check a table of users to see if they are authorized to
execute 'su' is of limited utility, if any.  If a user has the root
password and they are excluded from running 'su', there is nothing to
prevent them from just running 'login' and logging in as the superuser.
If you are going to modify 'su', you might as well modify 'login' as
well, perhaps to ask for a second password or to check from which terminal
the login is being attempted (except that I believe System V already
does this through the use of /etc/securetty?).
					- Rick
--------
Rick Genter 				BBN Laboratories Inc.
(617) 497-3848				10 Moulton St.  6/512
rgenter at bbn.COM  (Internet new)		Cambridge, MA   02238
rgenter at bbnj.ARPA (Internet old)	seismo!bbn.com!rgenter (UUCP)
