Firewalls: RE: su

Firewalls
(September 1996)

Indexed By Thread: [Previous] [Next]

Subject:	RE: su - userid
From:	"L'ROY Robert (MSMail)" <RLroy @ shl . com>
Date:	Mon, 9 Sep 1996 16:45:00 -0600
To:	"grace @ nymt . reuter . com" <grace @ nymt . reuter . com>
Cc:	Firewalls-List <firewalls @ greatcircle . com>

Although, this is not apropos to the topic of this list,
it is related through security issues, so I'll be brief...

The real problem is access to the local root account and then
to NFS/NIS+ distributed user accounts. The only way to stop
access to the local root account is to set a password with eeprom.
This should stop an attempt to reset the local root password.

This does not address the issue of users sharing their personal
passwords!

Bob
 ----------
From: grace @
 nymt .
 reuter .
 com
To: firewalls @
 GreatCircle .
 COM
Subject: su - userid
Date: Monday, September 09, 1996 8:36AM

Hi,

I know that this is not the right place, but thought that there must be
a lot of capable people who can answer this .

Our system administrator is not capable of distinguishing the fact of
how to stop people from using some one else 's id.
We are running NIS+.

The process:

su - root (On any client machine, of which you have the password.)

Now
su - userid (You get logged in as the 'userid' specified).


Is there a way to stop this (Other than going to AFS. etc...).

Thanks In advance.

Indexed By Date	Previous:	libdes.a From: Rudolf Busch <rudolf . busch @ rimpex . cl>
Indexed By Date	Next:	commercial socks5 server? From: Dan Netshow <dan @ racer . ncsc . org>
Indexed By Thread	Previous:	Re: su - userid From: crotherm @ roses . rockwell . com (Mark A. Crother)
Indexed By Thread	Next:	Network Security/Unix Network Security Conterence From: meritj @ fincen . treas . gov (Jim Meritt)