Login or Register to Ask a Question and Join Our Community


Solaris

Restricting use of su - (Solaris 11)

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris Restricting use of su - (Solaris 11)
# 1  
Old 09-28-2017
Restricting use of su - (Solaris 11)
OK. So I can prevent remote systems from logging in as root by uncommenting the CONSOLE entry /etc/default/login.

BUT, is there a way to stop su - (when already logged in as own user)?

The way we do it is to set up sudoers so users who need access can do sudo su -
# 2  
Old 09-28-2017
Yes, so your question is?
# 3  
Old 09-28-2017
By default:
Without privilege, a normal user cannot use the su command to become another user - unless that normal user has the password to the other account. If that is not true then something is seriously wrong with your security setup. With Solaris 10 & 11 RBAC it would, in theory, be possible to set up this scenario - but do not do that. On Solaris 11 you can create a root role, for example then give that role to everyone on the system. Bad idea.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Restricting File List while doing ls

Is there any best way to restrict some of the listed files when you do ls. In the output i am doing grep -v wanted to see if i can use a better command to get this output. Command: > ls -lrt wf_Load_25.log.INSTANCE_21_20072.* -rw-r--r-- 1 infrmtca infrmtca 19373 Mar 12 14:14... (1 Reply)
Discussion started by: Ariean
1 Replies

2. Shell Programming and Scripting

restricting users

how can i make my users to not use particular commands in the network like:wall....... pl z help me regarding this (1 Reply)
Discussion started by: yashwanthguru
1 Replies

3. UNIX for Dummies Questions & Answers

Restricting SFTP access

Hello, I am using MySecureShell to chroot all sftp accesses. The problem that I have is that my boss does not want root to be able to use sftp. Root should still be able to ssh. Any ideas? (2 Replies)
Discussion started by: mojoman
2 Replies

4. UNIX for Advanced & Expert Users

Restricting access to code

Hi All, I am facing a problem, regarding code security on a server. We have configured a server which contains our code (ear present in jboss/server/xyz/deploy) in it, and need to bind the code to the server itself so that no one can take the code out of the. the problem is that the password of... (3 Replies)
Discussion started by: akshay61286
3 Replies

5. UNIX for Dummies Questions & Answers

Restricting SSH usage

Hello, For one of our servers, we have had people trying to illegally loggon using the ssh service. My manager has asked me to restrict ssh access to users in our internal network but close ssh access to the "outside" world. Could someone at the very least point me to some resources on the... (7 Replies)
Discussion started by: mojoman
7 Replies

6. Linux

Restricting IPs on Linux?

I have a need to allow only certain IP addresses to access a machine running Linux. I don't know how would i do it, not an expert at CMD? Thanks in advance for your help. (2 Replies)
Discussion started by: waqaslone
2 Replies

7. Solaris

restricting access to a server

We want to secure access to a server by restricting the number of users who can login to it. Our users are NIS users. Only few of them can telnet/ssh this server. Do you have any idea on how to implement that? thanks. (1 Reply)
Discussion started by: melanie_pfefer
1 Replies

8. Solaris

restricting access

Hi All, I'm on Solaris 8, I need to provide Read-only access to a user to 2 directories only. Using rsh (restricted shell) as the user's login shell, I can restrict the user's access to a certain directory only, but how can I set in such a way that the user can access only the 2 directories... (4 Replies)
Discussion started by: max_min
4 Replies

9. UNIX for Dummies Questions & Answers

Restricting access

I need to create a user that only has access to 1 directory (e.g. /vol/mita/test). The user needs to be able to rsh into that directory to run a script. The user should not be able to navigate to any other directories above /vol/mita/test. Any help would be appreciated! (4 Replies)
Discussion started by: ngagne
4 Replies

10. Cybersecurity

restricting access...

restricted access... Hi I need to restrict users shell access to only $HOME under /home for each user. I don't want them getting out of their own directories. From what I understand chroot is something I could use, but I want to avoid this since it involves creating symbolic links to a number... (9 Replies)
Discussion started by: alwayslearningunix
9 Replies
Login or Register to Ask a Question