[net.unix] more on superuser

snafu@ihuxi.UUCP (Dave Wallis) (06/14/84)

Well, I guess I rather screwed this one up! 
Yesterday I submitted an article requesting info on how to restrict su
access to my account, but I guess that I didn't include enough
information. Rather than send mail to everyone who has responded
(thanx!), let me restate my question in more detail.

I have a database on my gp unix account that members of my department
need to access. Some of them have accounts on the same machine, others
are on other gp machines.  The system contains both an environment and
the actual database. Currently, users log onto my account, which sets
up a restricted environment with a limited number of commands
available.  The problem is not the people on other machines who have my
password.  The problem is that a person *with his own account on the
same machine* can su to my account (since he knows the password),
avoiding the restricted environment, and have fun and games
time in my directories.

Using group ids is ok except that I still must give out the password
to those who don't have an account on my machine, so I must assume
that the password is not secure (to avoid the very restricted
environment requires passing several levels of barbed wire and alarms,
so I am not too concerned about an outside person gaining access to my
files). So here is my question again: is there a way in unix to
restrict su access (except for root, naturally) to my account?
All replies welcome, please respond by mail, and thanx in advance.

-- 


                              Dave Wallis
                           ihnp4!ihuxi!snafu
                         AT&T Technologies, Inc.
                            (312) 979-5894

grd@iwu1d.UUCP (grd) (06/18/84)

...



Dave:

   We had a similar problem like this which we resolved as
follows:

We used two login accounts to accomplish this task.
Login xx root level was owned by login yy.  The profile
was also owned by login yy and granted write permission via su
within the profile.  A limited number of functions were allowed
via profile control.  Traps were set to ignore breaks etc on login.
This will prevent the su people from even looking at anything because
the permission level will not permit them to do so.  The only
fallacy...  They still can play games etc in the /usr/tmp or /tmp
or their own ids, but I don't think you were concerned about this
because if they already have an account on the machine,
they work for the company.

                             Garry R. Daly                             
                             iwu1d!grd                  
                             AT&T-T                                         
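
A check for the two-account layout described in the reply above, as an added example that is not from either poster. It assumes the login whose password is handed out ("xx") should own nothing under its own directory, that nothing there is group- or world-writable, and that its .profile sets a trap; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit the tree of a shared-password login.
# DIR is that login's directory, SHARED is the login name ("xx" in the
# reply). Everything under DIR is expected to belong to another login ("yy").

# Print ls lines for every path under DIR owned by SHARED.
owned_by_shared() {    # usage: owned_by_shared DIR SHARED
    find "$1" -exec ls -ld {} + | awk -v u="$2" '$3 == u'
}

# Print every non-symlink path under DIR that group or other can write.
loosely_writable() {   # usage: loosely_writable DIR
    find "$1" ! -type l \( -perm -020 -o -perm -002 \) -print
}

# Return 0 when the layout holds, 1 otherwise; findings go to stdout.
audit_shared_login() { # usage: audit_shared_login DIR SHARED
    rc=0
    if [ ! -f "$1/.profile" ]; then
        echo "FAIL: $1/.profile is missing"; rc=1
    elif ! grep -q '^[[:space:]]*trap[[:space:]]' "$1/.profile"; then
        echo "FAIL: $1/.profile sets no trap, so a break can interrupt it"; rc=1
    fi
    out=$(owned_by_shared "$1" "$2")
    if [ -n "$out" ]; then
        echo "FAIL: owned by $2, so anyone who can su to $2 can change these:"
        echo "$out"; rc=1
    fi
    out=$(loosely_writable "$1")
    if [ -n "$out" ]; then
        echo "FAIL: writable by group or other:"
        echo "$out"; rc=1
    fi
    return $rc
}
```

Run it as `audit_shared_login /path/to/xx-home xx` after sourcing the file; ownership is read from `ls -ld`, so a login name that is not in the password file is compared as text and simply matches nothing.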

