Mailinglist Archive: opensuse-security (396 mails)
| < Previous | Next > |
Re: [suse-security] Secure root alias logins
- From: Volker Kuhlmann <hidden@xxxxxxxxxxxxxxx>
- Date: Thu, 16 Jan 2003 21:13:46 +1300
- Message-id: <20030116081346.GE4582@xxxxxxxxxxxxxxx>
> In fact you should disable remote login for root via password (and maybe
> even with ssh key), and only allow a normal user to get root using su.
Selecting permissions "paranoid" breaks this, as it removes the suid bit
from su, thus preventing any normal user to su to root. A quick edit to
/etc/permissions.paranoid fixes that.
Volker
--
Volker Kuhlmann is possibly list0570 with the domain in header
http://volker.dnsalias.net/ Please do not CC list postings to me.
> even with ssh key), and only allow a normal user to get root using su.
Selecting permissions "paranoid" breaks this, as it removes the suid bit
from su, thus preventing any normal user to su to root. A quick edit to
/etc/permissions.paranoid fixes that.
Volker
--
Volker Kuhlmann is possibly list0570 with the domain in header
http://volker.dnsalias.net/ Please do not CC list postings to me.
| < Previous | Next > |