--- On Fri, 10/24/08, Manolis Kiagias <[EMAIL PROTECTED]> wrote:
> From: Manolis Kiagias <[EMAIL PROTECTED]>
> Subject: Re: root | su
> To: "Jos Chrispijn" <[EMAIL PROTECTED]>
> Cc: "FreeBSD Questions" <freebsd-questions@freebsd.org>
> Date: Friday, October 24, 2008, 2:25 PM
> Jos Chrispijn wrote:
> > Is there a way of stopping root from su'ing to
> another user?
> >
> > Jos Chrispijn
> >
> Root is supposed to be the almighty god on your machine
> (i.e. you...). 
> No point trying to limit the abilities of root (especially
> if physical 
> access is also provided).
> And seriously,  root is a role not a person. If you find
> yourself trying 
> to limit root's capabilities, you've probably
> surrendered the root 
> password to the wrong person. If you need to give someone
> limited root 
> access to a machine, just use security/sudo instead (with a
> carefully 
> crafted sudoers file).

That's one option.  Another is to implement jails, or virtualization via 
something like qemu.  

Since the person asking didn't give any details of what he wants to do, it's 
hard to say, but your point is correct regardless.  

- mdh

freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to