Re: Prevent remote User login

• Previous message: Hal Flynn: "New SecurityFocus articles"
• Next in thread: Blair Barrett: "Re: Prevent remote User login"
• Reply: Blair Barrett: "Re: Prevent remote User login"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 16 Oct 2003 15:38:08 -0400
To: Noel del Rosario <noeldelrosario@yahoo.com>

Noel,

Do you know which version of the Solaris OS that you are using?
If you are using the Solaris OS version 8 or newer, the 'oracle'
or '9ias' accounts may be configured to be roles. By default,
you cannot remotely log into a system as a role - you must log
in as a normal user and then 'su' to a role.

For some introductory information on roles and the Solaris
Role-based Access Control capability see the Sun BluePrints
article titled:

    Role-based Access Control and Secure Shell
    http://www.sun.com/blueprints/0603/817-3062.pdf

You can also find more information on this capability in the
Sun documentation (System Administration Guide: Security
Services: Chapter 17 - Role-based Access Control Overview):

http://docs.sun.com/db/doc/806-4078/6jd6cjs3u?q=Role-based+Access+Control&a=view

Please let me know if you have any questions.

Glenn

---
Glenn M. Brunette, Jr.
Principal Engineer, Chief Security Architect
Sun Professional Services, United States CTO
Sun Microsystems, Inc.
Noel del Rosario wrote:
>  
> Glenn,
>  
>        Is there something that  could prevent a user to do a remote login
>        to another valid user_id account (say 'oracle' or '9ias' ) but  allows them 
>        to do 'su - oracle' or 'su - 9ias'  after they successfully login remotelly 
>        using their own user_id account ( say 'rosario' or 'watanabe' ). 
>  
> cheers,
> noel

• Previous message: Hal Flynn: "New SecurityFocus articles"
• Next in thread: Blair Barrett: "Re: Prevent remote User login"
• Reply: Blair Barrett: "Re: Prevent remote User login"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages s and S run levels ... Please find the below run level in solaris. ... Solaris 10 recommended patches (Brent) ... prstat 99% more info ... Sun StorEdge DAT 72 Tape Drive ... (SunManagers) Available immdeate Vijay for Unix Admin with sun Solories Expireance.@217-241-2015 ... 6+ years of professional IT experience in Unix System Administrator ... implementation, connectivity and maintenance on Sun Solaris, Veritas ... User Administration, ... (comp.unix.admin) RE: sunmanagers Digest, Vol 3, Issue 23 ... xtrem command not open terminal with root login ... sun performance measurement shell script ... ODBC driver for Solaris 8. ... host not found) ... (SunManagers) Re: OT: Comparison of Unix systems and window managers ... I currently run Solaris 9 on a Sun Ultra 2 as my main workstation. ... Both run dual CPUs, but the Ultra-60 uses PCI ... Sun Fire 280R which happens to have dual 900 MHz ... (rec.crafts.metalworking) Re: unix price compare ... Well, biggest problem with Solaris is HW support on x86, I haven't yet ... and nowhere did I see a mention of a Sun ... IEEE 1394 Ports ... (comp.unix.solaris)