reid@cpswh.cps.msu.edu (Dr Richard J. Reid) (10/25/90)
Through "Preferences", at least, individual students on our NeXT's reset and vary things that invalidate the system accounting features as given by: ac -p -d. Does anyone have a scheme to lock individuals out of these management-type accesses similar to Unix requiring super-user status to reset the system time? Incidently, this is an open lab, supported by NFS-servers. Thanks for any suggestions. Dick
cbradley@blackbox.lonestar.org (Chris Bradley) (10/26/90)
In article <1990Oct25.145031.28374@msuinfo.cl.msu.edu> reid@cpswh.cps.msu.edu (Dr Richard J. Reid) writes: >Through "Preferences", at least, individual students on >our NeXT's reset and vary things that invalidate the >system accounting features as given by: ac -p -d. > >Does anyone have a scheme to lock individuals out of >these management-type accesses similar to Unix requiring >super-user status to reset the system time? > Excuse me if this has already been said here, but /NextApps/Preferences is set (in the 1.0a distribution) to run setuid root; this is what allows several different non-root userid's on the same cube to be able to set the time, etc. To disable this "feature," we changed the mode on /NextApps/Preferences with the following command: localhost# chmod 755 /NextApps/Preferences -- Chris Bradley | "There are three things which the public will Businessland Advanced Systems | always clamour for, sooner or later: namely, Dallas, Texas US | Novelty, novelty, novelty." cbradley@blackbox.lonestar.org | -- Thomas Hood 1799-1845