su modifications posted to net.sources
rbj at icst-cmr.arpa
rbj at icst-cmr.arpa
Fri Feb 20 13:02:43 AEST 1987
In general, you do NOT want "su" to search an "/etc/su_people".
Having such a file multiplies the number of accounts which must
be secured against intrusion. It is difficult enough to protect
one account (root). With N entries in "/etc/su_people" there are
(effectively) N root accounts which can be attacked. It is much
harder to protect N passwords, N accounts' files, etc. than it is
to protect a single root password and the system directories.
Gee, that's easy! If account `fred' is in `/etc/su_people', then
you just have a file called `/etc/fred_people' :-)
(Root Boy) Jim "Just Say Yes" Cottrell <rbj at icst-cmr.arpa>
Help! A 900 foot tall vision of Dennis Ritchie told me
that if I don't get my 4.3 BSD tapes by March I'll die!
More information about the Comp.unix.wizards
mailing list