Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to prevent root users from editing files (logs)
Top Forums UNIX for Dummies Questions & Answers How to prevent root users from editing files (logs) Post 91916 by jim mcnamara on Tuesday 6th of December 2005 01:45:04 PM
Old 12-06-2005
Basically, if you know who the the user is, you can try to create a chroot jail.
This prevents them from logging in using su to get privs and then editing files outside their new "root" directectory.

However, user with root access can defeat a chroot jail.

Here is an example for a ssh chroot jail:
http://www.fuschlberger.net/programs...p-chroot-jail/
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Prevent root login directly

Hi How can I prevent anyone from logging in as root directly? I have added the line console=/dev/null to the file /etc/default/login I was still able to login as root from the console. Please advice. Thanks Srini (4 Replies)
Discussion started by: skotapal
4 Replies

2. AIX

Locking a file when using VI to prevent multiple-edit sessions by diff users

At the office, we often have to edit one file with VI. We are 4-6 workers doing it and sometimes can be done at the same time. We have found a problem and want to prevent it with a file lock. Is it possible and how ? problem : Worker-a starts edit VI session on File-A at 1PM Worker-b... (14 Replies)
Discussion started by: Browser_ice
14 Replies

3. UNIX for Advanced & Expert Users

How to prevent local root from su to an NIS user?

We have a shared development box, running Solaris 10 that is an NIS client, all the developers have local root password. If they know the NIS uid of another user, they can just do % useradd -u <uid> login And then log in as that user and have full access to his files in his home directory. ... (3 Replies)
Discussion started by: nfw
3 Replies

4. Solaris

Prevent users logging in as root

I would like to know how to prevent users connecting to a server using SSH as root. I would still like them to be able to login with their username and then change to su. But I would like to prevent them logging in directly as root. I have searched the forum and read that I should set... (3 Replies)
Discussion started by: Sepia
3 Replies

5. UNIX for Dummies Questions & Answers

Editing crontab of non-root user from file

Hi All, Ref: "build crontab from a text file" in same forum. (I am not allowed to post URL's in the first post) We are reorganizing our UNIX Crontab file by first making changes in a word pad text file. The intent is to then copy it back to Crontab. Will this work? Copy and Paste does not... (6 Replies)
Discussion started by: nivedhitha
6 Replies

6. UNIX for Dummies Questions & Answers

logs of commands performed by users

Hi, when 2 users are logged as root , how can i find witch one had perform witch command? Thanks, (1 Reply)
Discussion started by: prpkrk
1 Replies

7. Shell Programming and Scripting

Need to run a bash script that logs on as a non-root user and runs script as root

So I have a script that runs as a non-root user, lets say the username is 'xymon' . This script needs to log on to a remote system as a non-root user also and call up a bash script that runs another bash script as root. in short: user xymon on system A needs to run a file as root user and have... (2 Replies)
Discussion started by: damang111
2 Replies

8. Shell Programming and Scripting

How to prevent a shell script from copy or read from Users

I have a script which do validation check and perform code migration from one env. to another, this is built for users/developers. How can I prevent this shell script from copy or read from users, as they can modify it and run it as per their requirement where as this has to be standard script and... (1 Reply)
Discussion started by: pramendra
1 Replies

9. Shell Programming and Scripting

Find users with root UID or GID or root home

I need to list users in /etc/passwd with root's GID or UID or /root as home directory If we have these entries in /etc/passwd root:x:0:0:root:/root:/bin/bash rootgooduser1:x:100:100::/home/gooduser1:/bin/bash baduser1:x:0:300::/home/baduser1:/bin/bash... (6 Replies)
Discussion started by: anil510
6 Replies

LEARN ABOUT FREEBSD

chroot

CHROOT(8)						    BSD System Manager's Manual 						 CHROOT(8)

NAME

     chroot -- change root directory

SYNOPSIS

     chroot [-u user] [-g group] [-G group,group,...] newroot [command]

DESCRIPTION

     The chroot utility changes its current and root directories to the supplied directory newroot and then exec's command, if supplied, or an
     interactive copy of the user's login shell.

     If the -u, -g or -G options are given, the user, group and group list of the process are set to these values after the chroot has taken
     place.

ENVIRONMENT

     The following environment variable is referenced by chroot:

     SHELL  If set, the string specified by SHELL is interpreted as the name of the shell to exec.  If the variable SHELL is not set, /bin/sh is
	    used.

SEE ALSO

     chdir(2), chroot(2), setgid(2), setgroups(2), setuid(2), getgrnam(3), environ(7), jail(8)

HISTORY

     The chroot utility first appeared in 4.4BSD.

BSD
								   June 7, 2003 							       BSD
All times are GMT -4. The time now is 06:58 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy