Re: nis : how to avoid user1 becoming user2 using local root ?
From: [Lukasz.Sztachanski] (szati_at_rudy.mif.pg.gda.pl)
Date: Sat, 27 Mar 2004 20:16:56 +0100 To: firstname.lastname@example.org
> our situation :
> All linux servers, all nfs share use the root_squash option.
> We're using NIS
> All developpers can become root on their local machines.
> The prob : if user1 do a `su -` on their station. And then, `su user2`
> they can become user2.
> For me it's a huge problem (windows don't have this prob, local admin
> are very different from domain/server admin) is there a way to avoid
> this prob ?
> Thanks !
... i think there's two easy ways to prevent such situations:
1) sudo - developpers can run programs as root, without becoming
sys-admin ( it's very safe)
2)you can create diffrent uid(0) gid(0) users (roots , eg.
aroot, broot, croot..) and invigilate log file sulog.
there's many,many other ways, but i think this is easy way to
solve this prob.
-- |Name.:.....................[Lukasz.Sztachanski]| |WWW..:.......[http://rudy.mif.pg.gda.pl/~szati]| |Mail.:............[szati<at>rudy.mif.pg.gda.pl]|
- application/pgp-signature attachment: stored