[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: How can I prevent users from su-ing to non-root accounts



There are at least 2 reasons I can think of why I don't like to
go this route and why I can't do it:

1) I don't like to change permissions of 3rd party products
2) And sometimes you can't do it. 
   E.g Oracle's utility "sqlplus" needs to be executed by the
   application developers but you want to prevent them from su-ing to
   dba. And in addition you can't change the group ownership of sqlplus.


On Sat, 27 Jan 2001, Wil Cooley wrote:

> On Sat, Jan 27, 2001 at 11:16:57PM -0500, Werner wrote:
> > 
> > Hi,
> > 
> > I can use the wheel module to prevent users from su-ing to root.
> > But how can I prevent users from su-ing to non-root accounts 
> > like to a Linux database account.
> > 
> 
> Take the world-execute bit off, and make sure it's has group 'wheel',
> so your admins can still exec it.
> 
> Wil
> 





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []