From owner-freebsd-security Wed Mar 27 8:16:58 2002 Delivered-To: freebsd-security@freebsd.org Received: from pittgoth.com (14.zlnp1.xdsl.nauticom.net [209.195.149.111]) by hub.freebsd.org (Postfix) with ESMTP id 8C4B537B405 for ; Wed, 27 Mar 2002 08:16:51 -0800 (PST) Received: from localhost (lcl234.zbzoom.net [208.236.36.234]) by pittgoth.com (8.11.6/8.11.6) with SMTP id g2RG0wq52259; Wed, 27 Mar 2002 11:00:58 -0500 (EST) (envelope-from darklogik@pittgoth.com) Date: Wed, 27 Mar 2002 11:06:16 -0500 From: Tom Rhodes To: bv@wjv.com Cc: security@FreeBSD.ORG Subject: Re: Question on su / possible hole Message-Id: <20020327110616.58e6ead1.darklogik@pittgoth.com> In-Reply-To: <20020327140006.GA30556@wjv.com> References: <20020327140006.GA30556@wjv.com> X-Mailer: Sylpheed version 0.7.4 (GTK+ 1.2.10; i386-portbld-freebsd4.5) Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; boundary="=.xl/oJmUFZ,c6cB" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --=.xl/oJmUFZ,c6cB Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Wed, 27 Mar 2002 09:00:06 -0500 Bill Vermillion wrote: > I don't know if this is where I should ask, so apologies if it's > the wrong place. Perhaps... > Bill > > -- > Bill Vermillion - bv @ wjv . com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > What I do with my server, users that are in the wheel group MUST use ssh(1) v2 key authentication. If you read the ssh documentation, there is a way you can restrict access to IP address also. You may wish to investigate the use of ssh(1) for your system ;) -- Tom (Darklogik) Rhodes www.FreeBSD.org -The Power To Serve www.Pittgoth.com -Pittgoth Discussion Portal trhodes@ {Pittgoth.com, FreeBSD.org} --=.xl/oJmUFZ,c6cB Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) iD8DBQE8oe38wPmgiRuevUMRAkbwAJ4+4kL+6yzwuonaiin5gVZ4/idd6ACdGT9I drvX92TPEy1lJ/2zh8yQQqc= =vMm7 -----END PGP SIGNATURE----- --=.xl/oJmUFZ,c6cB-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message