Reasons for restricting su privilege?
Thad P Floryan
thad at cup.portal.com
Thu Oct 20 16:46:12 AEST 1988
I'm still a "new" SysAdmin so haven't yet formulated policy along the lines
of David Brown's question about restricting super-user privileges, but it'd
seem good sense to me to have (at least) two trusted people at a site with
the capability of su'ing in case one person is ill, out of town, etc.
Re: a program executing "restricted super-user" commands, I recall "something"
named "sudo.c" in the archives that could be the basis for such restriction.
The restricted scope would be defined upon interrogation of a database, the
nature of the command(s), etc.
Thad Floryan [thad at cup.portal.com (OR) ...!sun!portal!cup.portal.com!thad]
More information about the Comp.unix.wizards
mailing list