Jose wrote:
Hi. Hi,
I intent make a new server, with a security trigger If anybody try make a login with root or other user and dont use a corrent password . this triger erase a home of this user and if try to login as root this triger erase all file system The way I undestand your question is so:
Your company has a few people who are allowed to log into the server to see the confidential information. For this example let us say that only User A and User B are allowed to see the confidential documents. User C is also allowed to log into the server but is not allowed to view the confidential documents. User C now tries to see the confidential documents by using the username and what he thinks User A' password is ie he wants to login as though he was User A. User C however does not know User A; correct password and so your security trigger deletes all of User A' /home directory. Doing this would require you to restore User A' /home directory from your backup before User A logged into the system again. Before you have managed to restore User A' /home directory User C decides to try and access the confidential documents again using what he thinks is the correct root password. The login fails and as a result of your security trigger, / is deleted requiring you to completely rebuild and restore everything on the server. I might not be reading this correctly but if you manage to do what I read from your post, it would result in you having to almost continually restore from backups and rebuild the nmachine, as the number of logins that use the incorrect password, as you said earlier, is high. My suggestion would be to either implement two factor authentication system so that the incorrect person has no way of having both/knowing both of the security checks OR to learn how to use the Linux filesystem ownership so that only certain users will have access to those confidential files. One last suggestion would be to somehow send you an alert of which PC had the failed login attempt and then ask that person why they are trying to acess confidential documents and possibly threaten them with the loss of their job if it happens again. For more information I suggest you search for a list in your home language about security. You can try and join security-basics@securityfocus.com HTH -- ======================================================================== Using SuSE 9.2 Professional with KDE and Mozilla Mail 1.7.13 Linux user # 229959 at http://counter.li.org ======================================================================== -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org