[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Limiting users SU ability

To: <suse-security@xxxxxxxx>
Subject: Re: [suse-security] Limiting users SU ability
From: "Philippe Vogel" <filiaap@xxxxxxxxxx>
Date: Wed, 9 Jul 2003 13:05:54 +0200
Delivered-to: mailing list suse-security@xxxxxxxx
Delivery-date: Wed, 09 Jul 2003 13:33:46 +0200
Envelope-to: suse@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
List-help: <mailto:suse-security-help@suse.com>
List-post: <mailto:suse-security@suse.com>
List-subscribe: <mailto:suse-security-subscribe@suse.com>
List-unsubscribe: <mailto:suse-security-unsubscribe-suse=archive.cert.uni-stuttgart.de@suse.com>
Mailing-list: contact suse-security-help@xxxxxxxx; run by ezmlm
References: <JIEBIAPDLEKJBMAJODMDMEMACHAA.security@xxxxxxxxxxxxxxxxxxxx> <20030709065231.GA5544@xxxxxxxxxxxxx>

> Don't give them the passwords. If these users have to do some root things
> man sudo

Yes, better use sudo, because there you can configure many things more!
Edit the /etc/sudoers and add user to group trusted.
In the config and with the "man <Command>" command you will find useful
help.

We use sudo for the local ftp-admin group for usermanagement and testing the
load of the ftp (pure-ftp).
At our faculty we use it to allow users to restart the licenseserver
service, which often crashes.

Philippe



-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here

References:
- [suse-security] Limiting users SU ability
  - From: Nigel Gaylard
- Re: [suse-security] Limiting users SU ability
  - From: Johannes Bretscher

Prev by Date: RE: [suse-security] Unencrypted YOU password readable by all
Next by Date: [suse-security] Root user
Previous by thread: Re: [suse-security] Limiting users SU ability
Next by thread: [suse-security] Root user
Index(es):
- Date
- Thread