RE: disable 'su' for normal users
From: Dallas Engelken (dallase@nmgi.com)Date: 11/10/01
- Previous message: Jeffrey Denton: "Re: disable 'su' for normal users"
- Next in thread: Dallas Engelken: "RE: disable 'su' for normal users"
- Reply: Dallas Engelken: "RE: disable 'su' for normal users"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Dallas Engelken" <dallase@nmgi.com> To: <focus-linux@securityfocus.com> Subject: RE: disable 'su' for normal users Date: Fri, 9 Nov 2001 17:09:57 -0600 Message-ID: <KGEOIIGPJBEOBCJBOCLFEEHACDAA.dallase@nmgi.com>
> -----Original Message-----
>
> I was wondering how one can disable the su-command for a normal user.
> Because certain programs need 'su' when linux boots, you cannot just alter
> the flags, ...
> Also it is a SETUID-prog.
>
chown root.wheel /bin/su
chmod 750 /bin/su
then add the users that need to have access to su to the wheel group.
[bigd@whitehat bigd]$ cat /etc/group | grep wheel
wheel:x:10:root,bigd,johnk,randyj
if you have init scripts that are dependent on su (i dont know any off the
top of my head), then you may need to rethink this plan. However, this is
the most common setup.
Dallas Engelken
NMGI
http://www.nmgi.com
- Previous message: Jeffrey Denton: "Re: disable 'su' for normal users"
- Next in thread: Dallas Engelken: "RE: disable 'su' for normal users"
- Reply: Dallas Engelken: "RE: disable 'su' for normal users"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
