Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Role based access and security
Special Forums Cybersecurity Role based access and security Post 302968525 by Peasant on Thursday 10th of March 2016 09:02:30 AM
Old 03-10-2016
If you don't require super user privilege (root), ACL is definitely a way and not sudo.

Sudo can be a big security hole if not properly configured and it rarely is.

Best regards
Peasant.
 

6 More Discussions You Might Find Interesting

1. Solaris

Security of root access

Hi, The security auditor give a this statement , what to do ? On my solaris system (S10) "The User ID "root" should not be used on the system - the su and the priviledged account should be used from each administrator for accountability purposes" What to do ? (3 Replies)
Discussion started by: falcon16
3 Replies

2. SuSE

"scp" access denied:/etc/security/access.conf

Guys i have 2 SUSE Linux Enterprise Server 10 SP1 (i586) boxes.if i take a look into /etc/security/access.conf ,i see following lines at the eof # All other users should be denied to get access from all sources. #- : ALL : ALL - : myID : ALL now earlier i had written scripts where files... (1 Reply)
Discussion started by: ak835
1 Replies

3. AIX

role based user

Hi .. I need to assign role based permission to users... How to assign role based permission in aix... Thanks.. (4 Replies)
Discussion started by: sumathi.k
4 Replies

4. Linux

Web based X11 access

Hi guys ;) I'm new here. I had been reading a long time here on the forums but now I registered finally. And got a question for you. Since yesterday I've got successfully installed a X11-connection from my WinXP to a RedHat EL 5 - Box. Now there's a web portal needed. So I have to make a... (2 Replies)
Discussion started by: supermaRiio
2 Replies

5. Homework & Coursework Questions

Security issues with universal access of file

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! 1. The problem statement, all variables and given/known data: If you look at the permissions associated with a symbolic link, it has universal access. Does this lead to... (0 Replies)
Discussion started by: linux17
0 Replies

6. Red Hat

How do I install security patches with no internet access?

Hi, I'm pretty new to Linux and I want to download security patches and install them on RHEL 5.4. I've searched the red hat web site but cant seem to find where the download link is. (5 Replies)
Discussion started by: Jardoo
5 Replies

LEARN ABOUT OSX

bsmconv

bsmconv(1M)                                               System Administration Commands                                               bsmconv(1M)

NAME

       bsmconv, bsmunconv - enable or disable the Basic Security Module (BSM) on Solaris

SYNOPSIS

       /etc/security/bsmconv [rootdir...]

       /etc/security/bsmunconv [rootdir...]

DESCRIPTION

       The  bsmconv  and  bsmunconv scripts are used to enable or disable the BSM features on a Solaris system. The optional argument rootdir is a
       list of one or more root directories of diskless clients that have already been configured. See smdiskless(1M).

       To enable or disable BSM on a diskless client, a server, or a stand-alone system, logon as super-user to the system being converted and use
       the bsmconv or bsmunconv commands without any options.

       To  enable or disable BSM on a diskless client from that client's server, logon to the server as super-user and use bsmconv, specifying the
       root directory of each diskless client you wish to affect. For example, the command:

       myhost# bsmconv /export/root/client1 /export/root/client2

       enables BSM on the two machines named client1 and client2. While the command:

       myhost# bsmconv

       enables BSM only on the machine called myhost. It is no longer necessary to enable BSM on both the server and its diskless clients.

       After running bsmconv the system can be configured by editing the files in /etc/security. Each diskless client has its own copy of configu-
       ration files in its root directory. You might want to edit these files before rebooting each client.

       Following  the  completion  of either script, the affected system(s) should be rebooted to allow the auditing subsystem to come up properly
       initialized.

FILES

       The following files are created by bsmconv:

       /etc/security/device_maps       Administrative file defining the mapping of device special files to allocatable device names.

       /etc/security/device_allocate   Administrative file defining parameters for device allocation.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE         |      ATTRIBUTE VALUE        |
       +-----------------------------+-----------------------------+
       |Availability                 |SUNWcsr                      |
       +-----------------------------+-----------------------------+

SEE ALSO

       auditconfig(1M), auditd(1M), audit_startup(1M), audit.log(4), audit_control(4), attributes(5)

NOTES

       bsmconv and bsmunconv are not valid in a non-global zone.

SunOS 5.10                                                          26 May 2004                                                        bsmconv(1M)
All times are GMT -4. The time now is 09:54 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy