-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 25 Feb 2000, Thorsten Kukuk wrote:
Hi,
On Thu, Feb 24, L. Sassaman wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I was wondering why the SuSE team chose to use GNU su instead of the shadow su. I find that the shadow su offers a greater level of customability, security wise. Is there a problem with it?
What can you do with the shadow su you cannot do with the GNU su ? Think about we are using PAM, so the most features are available with PAM modules and are not longer in the program itself.
I like the /etc/suauth file for su configuration. It makes it easy to enable "wheel" root restrictions, and bypassing password authentication for certain users to other users... I suppose PAM would replace it, but I'm used to /etc/suath. ;)
Thorsten
-- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE GmbH Schanzaeckerstr. 10 90443 Nuernberg Linux is like a Vorlon. It is incredibly powerful, gives terse, cryptic answers and has a lot of things going on in the background.
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
__ L. Sassaman System Administrator | "All of the chaos Technology Consultant | Makes perfect sense..." icq.. 10735603 | pgp.. finger://ns.quickie.net/rabbi | --Joe Diffie -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: OpenPGP Encrypted Email Preferred. iD8DBQE4ttmXPYrxsgmsCmoRAitDAKCcLy4iEmzuPPmoF+/q6W5ke0p6CQCgmi7u DdYZFuFtXNfylI5yKji0CQM= =x4d1 -----END PGP SIGNATURE-----