On Thu, Oct 23, 2003 at 10:13:16PM +0000, Ennio-Sr wrote: > I limited root login to two ttys only (in /etc/securetty) but yesterday > I discovered I could 'su -' to root in the excluded ttys. Do you think > this is normal behaviour
Yes. | [EMAIL PROTECTED]:/etc/pam.d# grep securetty * | login:# Disallows root logins except on tty's listed in /etc/securetty | login:auth requisite pam_securetty.so | [EMAIL PROTECTED]:/etc/pam.d# You could try adding this line to the </etc/securetty/su> file and see what happens: | auth requisite pam_securetty.so Just make sure you can get to root in a way other than the <su> command if things break. -- Tom Goulet mail: [EMAIL PROTECTED] UID0 Unix Consulting web: em.ca/uid0/
