sux, an enhancer for su
Paul Nash
paul at frcs.UUCP
Sat Apr 27 17:27:39 AEST 1991
Thus spake Peter da Silva (and many, many others):
>
> In article <462 at frcs.UUCP> paul at frcs.UUCP (Paul Nash) writes:
> > I recently hacked up a fairly trivial enhancer for `su', that allows
> > members of group `wheel' to su at will _without_ needing the root
> > password.
>
> Can you say security problem? I knew you could. My boss did something
> like this until I talked him out of it.
Yes, this is a security problem. However, I run a one-man-band,
and have an office 10 miles outside town. For my applications,
I am far, far happier to give a cracker 5 or 6 ids that s/he can
attack than have to type a long-winded root password every time
I need to become root.
I also run a local not-quite-pubnix machine, that about 6 people
scattered around the country need root access to from time to time.
I prefer giving them `sux' to handing out the root password.
Sure, it's not all things to all men. For people like me, though,
it is just great. I know of about 8 people who view this as the
answer to their problems. If you want security, however, remove
_all_ setuid programs, and make root NOLOGIN. Oh, also turn off
the power, just in case.
---=---=---=---=---=---=---=---=---=---=---=---=---=---=---=---=---=---
Paul Nash Free Range Computer Systems cc
paul at frcs.UUCP ...!uunet!m2xenix!frcs!paul
More information about the Alt.sources.d
mailing list