> >
>
> Not knowing much about NIS+, I would not know how to disable su'ing
> in that environment (assuming there is a way to, of which I don't
> know). But as a person who works at a site with many unix workstations
> on user's desks I have to ask one question: Why are users given root
> access at all? They certainly should not need it unless they are
> working as a sysadm. And if that is the case, then you should
> reconsider using NIS+ and keep to separate passwd files. As long as
> you have "trusted" unix machines in your network for which untrusted people
> have the root password, you will not have a "secure network". I would
> recommend all the unix boxes to have the same root password and ONLY
> the real sysadms have access to it.
I would have to disagree about having the same root password on all the unix
boxes. If someone managed to get access to one system, all of them would be in
jeopardy. I know it's a nightmare trying to keep track of several passwords,
but I sleep better knowing that I have delayed an intruder for another five
minutes.
>
> > Hi,
> >
> > I know that this is not the right place, but thought that there must be
> > a lot of capable people who can answer this.
> >
> > Our system administrator is not capable of distinguishing the fact of
> > how to stop people from using someone else's id.
> > We are running NIS+.
> >
> > The process:
> >
> > su - root (On any client machine, of which you have the password.)
> >
> > Now
> > su - userid (You get logged in as the 'userid' specified).
> >
> >
> > Is there a way to stop this (Other than going to AFS. etc...).
> >
> > Thanks In advance.
> >
> >
> >
> >
>
>
> --
> Mark Crother crotherm @ roses . rockwell . com
> Rockwell's Operational Software Engineering System (ROSES)
> Space Systems Division (SSD)