Not knowing much about NIS+, I would not know how to disable su'ing
in that enviorment (assuming there is a way to, of which I don't
know). But as a person who works at a site with many unix workstations
on user's desks I have to ask one question: Why are users given root
access at all? They certainly should not need it unless they are
working as a sysadm. And if that is the case, then you should
reconsider using NIS+ and keep to separate passwd files. As long as
you have "trusted" unix machines in your network for which untrusted people
have the root password, you will not have a "secure network". I would
recommend all the unix boxes to have the same root password and ONLY
the real sysadms have access to it.
> I know that this is not the right place, but thought that there must be
> a lot of capable people who can answer this .
> Our system administrator is not capable of distinguishing the fact of
> how to stop people from using some one else 's id.
> We are running NIS+.
> The process:
> su - root (On any client machine, of which you have the password.)
> su - userid (You get logged in as the 'userid' specified).
> Is there a way to stop this (Other than going to AFS. etc...).
> Thanks In advance.
Mark Crother crotherm @
Rockwell's Operational Software Engineering System (ROSES)
Space Systems Division (SSD)
Re: su - userid
From: Randy Mikesell <rmikesel @
su - userid
From: grace @
com (Grace Barraza)