changing the login password's requirement

Les Mikesell lesmikesell at gmail.com
Wed Apr 20 04:41:29 UTC 2005


On Tue, 2005-04-19 at 16:56, Matthew Miller wrote:

> > By extension, such a mechanism could be applicable to the use of "su -". 
> > Instead of prompting for root's password, prompt foe the current user 
> > password, then see if that user is authorized to log on to root.
> 
> Good idea. In fact, so good that it's already implemented. :)
> 
> Although it's on a per-executable basis, not per-login. Check out the files
> in /etc/security/console.apps/, and the man page for "userhelper".
> (Particularly, look at the USER and UGROUPS variables.)

If you let someone execute /bin/bash as another user it would be
basically the same as allowing the login.

-- 
  Les Mikesell
   les at futuresource.com





More information about the fedora-list mailing list