Date: Mon, 14 May 2001 08:13:21 -0500 From: Eric Anderson <anderson@centtech.com> To: freebsd-security@freebsd.org Subject: nfs mounts / su / yp Message-ID: <3AFFD9F1.EFB2B30E@centtech.com>
next in thread | raw e-mail | index | archive | help
I'm running FreeBSD client machines and mixed NFS servers. My clients nfs mount (or automount) the shares from the servers, and all are using NIS for login/password authentication. Home areas are NFS mounted also. My question is, if a user has (or gets) root on their desktop machine (FreeBSD 4.x), it allows them to su to any NIS user, and have access to anything as them, etc.. We often have users log in to other users machines, and change desks, etc. So I can't only allow one or two users to log in to a particular box (this would be a nightmare, as I have hundreds of machines to work with). It's more like an su restriction set that needs to be created. Like, only certain users can su to root.. and root can only su to the user that it originally su'd from, if any. I'm just curious what anyone else might be doign to solve this problem, since it allows users to do dangerous things as other users.. Thanks.. Eric -- ------------------------------------------------------------------------------- Eric Anderson anderson@centtech.com Centaur Technology (512) 418-5792 The idea is to die young as late as possible. ------------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3AFFD9F1.EFB2B30E>