Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: restriction of the "su" command
Special Forums Cybersecurity restriction of the "su" command Post 9820 by TioTony on Sunday 4th of November 2001 01:35:21 AM
Old 11-04-2001
Hi xyyz,
You could lock down the actual binary and only give execute permissions to what ever group you want. For example, below you said you have a sysadmin group. You could do this to su:

chown root:sysadmin su
chmod 550 su

I don't know what side effects there could be from doing this as I haven't tried it. Default perms on my box are -r-sr-xr-x, which kind of implies that there may be a reason everyone has execute by default.

If that doesn't work for you there is always pam or sudo.
TioTony
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

The "PS" command was displaying*terminals named as "SYSCON"

Hi, When typing the command ps -fe.the system is showing a process called SYSCON:confused:.... I am not sure what process is that.I hava a script that kills all command staring with 'sys' but i don't want to kill syscon:( since i think it is some system process:confused: .Please help me to find... (1 Reply)
Discussion started by: kiranjose85
1 Replies

2. UNIX for Dummies Questions & Answers

how to install "source" command!/ broken "login.cl"!

Hello, I am new to this forums and this is my first "asking help" message! i have 2 problems: 1- for unknown reasons the "source" command is not avalable in my system (UBUNTU). i can't either see it in my bin directory! 2- again for unknown reasons the "login.cl" file in the home... (0 Replies)
Discussion started by: astrosona
0 Replies

3. UNIX for Dummies Questions & Answers

Command Character size limit in the "sh" and "bourne" shell

Hi!!.. I would like to know what is maximum character size for a command in the "sh" or "bourne" shell? Thanks in advance.. Roshan. (1 Reply)
Discussion started by: Roshan1286
1 Replies

4. UNIX for Advanced & Expert Users

Command Character size limit in the "sh" and "bourne" shell

Hi!!.. I would like to know what is maximum character size for a command in the "sh" or "bourne" shell? Thanks in advance.. Roshan. (1 Reply)
Discussion started by: Roshan1286
1 Replies

5. Shell Programming and Scripting

Command Character size limit in the "sh" and "bourne" shell

Hi!!.. I would like to know what is maximum character size for a command in the "sh" or "bourne" shell? Thanks in advance.. Roshan. (1 Reply)
Discussion started by: Roshan1286
1 Replies

6. UNIX for Dummies Questions & Answers

the meaning of "!:*" in "alias foo 'command\!:*' filename"

Hi: How can I remove my own post? Thanks. (2 Replies)
Discussion started by: phil518
2 Replies

7. Shell Programming and Scripting

awk command to replace ";" with "|" and ""|" at diferent places in line of file

Hi, I have line in input file as below: 3G_CENTRAL;INDONESIA_(M)_TELKOMSEL;SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL My expected output for line in the file must be : "1-Radon1-cMOC_deg"|"LDIndex"|"3G_CENTRAL|INDONESIA_(M)_TELKOMSEL"|LAST|"SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL" Can someone... (7 Replies)
Discussion started by: shis100
7 Replies

8. UNIX for Dummies Questions & Answers

Unix "look" Command "File too large" Error Message

I am trying to find lines in a text file larger than 3 Gb that start with a given string. My command looks like this: $ look "string" "/home/patrick/filename.txt" However, this gives me the following message: "look: /home/patrick/filename.txt: File too large" So, I have two... (14 Replies)
Discussion started by: shishong
14 Replies

9. UNIX for Dummies Questions & Answers

Using "mailx" command to read "to" and "cc" email addreses from input file

How to use "mailx" command to do e-mail reading the input file containing email address, where column 1 has name and column 2 containing “To” e-mail address and column 3 contains “cc” e-mail address to include with same email. Sample input file, email.txt Below is an sample code where... (2 Replies)
Discussion started by: asjaiswal
2 Replies

10. Shell Programming and Scripting

Bash script - Print an ascii file using specific font "Latin Modern Mono 12" "regular" "9"

Hello. System : opensuse leap 42.3 I have a bash script that build a text file. I would like the last command doing : print_cmd -o page-left=43 -o page-right=22 -o page-top=28 -o page-bottom=43 -o font=LatinModernMono12:regular:9 some_file.txt where : print_cmd ::= some printing... (1 Reply)
Discussion started by: jcdole
1 Replies

LEARN ABOUT ULTRIX

install

install(1)						      General Commands Manual							install(1)

Name
       install - install binaries

Syntax
       install [-c] [-m mode] [-o owner] [-g group] [-s] binary destination

Description
       The  binary  is moved to destination.  If destination already exists, it is removed before binary is moved.  If the destination is a direc-
       tory then binary is moved into the destination directory with its original file-name.

       The command refuses to move a file onto itself.

Options
       -c		   Copies binary to destination.

       -g group 	   Specifies a different group from group staff for destination.  The destination is changed to group system; the -g group
			   option  may	be used to specify a different group.  The user must belong to the specified group and be the owner of the
			   file or the superuser.

       -m mode		   Specifies a different mode from the standard 755 for destination.

       -o owner 	   Specifies a different owner from owner root for destination.  The destination is changed  to  current  owner.   The	-o
			   owner option may be used to specify a different owner, but only the superuser can change the owner.

       -s		   Strips the binary after it is installed.

See Also
       chgrp(1), chmod(1), cp(1), mv(1), strip(1), chown(8)

																	install(1)
All times are GMT -4. The time now is 04:12 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy