Automatic root login
tim at ISM780B.UUCP
tim at ISM780B.UUCP
Thu Nov 28 08:49:00 AEST 1985
For a while one place I was at did the following:
There was a file that contained names of people who were
allowed to be root, and encrypted passwords for each person.
To become root you run a program, 'nsu', which has the same
user interface as 'su' ( and much of the same insides... ),
which checks to see if you are in the file, and you know the
password in the file.
There is a program, 'npasswd', which changes your password in
the previously mentioned file.
Each person who could become root would have a different password for
'nsu'ing. So to break into root, one would have to both get on the
account of someone who was allowed to 'nsu', and know that persons
'nsu' password. It would be easy for it to ask also for the password
of the person trying to 'nsu', so that they must know both passwords,
instead of just watching you 'nsu' once, and waiting for you to leave
a terminal unattended.
Also, if you decide to take root access away from someone, you can
simply remove them from the file. You don't have the hassle of telling
everyone else the new root password.
Tim Smith
ima!ism780!tim
ihnp4!cithep!tim
More information about the Comp.unix
mailing list