Re: limit the user

Richard Adams Fri, 12 Nov 1999 05:59:01 -0800
On Fri, 12 Nov 1999, Robert Haehnel wrote:
>No I don't have a script to monitor us of su. However, I think it can be done
>without too much trouble.  Perhaps there are others out there that can provide a
>starting point for such a script.

Well you dont really need a script, just the follwoing command line
should get you some results.

cat /var/log/messages | grep su | more

Or let cron do the work from a script and inform you via mail.
Even doing ./name_of_file once a day will do.

#!/bin/sh
#
# Check var/log/messages for the command su and who used it.
# Change the folowing to YOUR machines mailaddress.
# Even root@localhost will do.

[EMAIL PROTECTED]

# define the place to look      i will use /var/log/messages

placetolook=/var/log/messages

cat $placetolook | grep su | mail $mailaddress  

exit 0

>[EMAIL PROTECTED] wrote:
>
>> guys thanks for the reply !!
>>
>> btw... rw2
>>
>> do u have an example of the script ur talking about...
>> actually we did changing the permission.. but the problem is we cant also
>> used that command... what permission should i put??
>>
>> thanks in advance!!
>>
>> ghem
>>
>> On 10 Nov 1999 [EMAIL PROTECTED] wrote:
>>
>> > Robert Haehnel <[EMAIL PROTECTED]> writes:
>> >
>> > > I'm not sure you want to limit use of su. A mere user can use it to switch
>> > > to other user accts if it is warrented. It is too handy a tool to limit use
>> > > of it, what you might want to do it work up a script to log who is using it
>> > > and what accts they are switching to.
>> > >
>> > > The best protection against abuse of su is good password administration
>> > > (especially root passwords).
>> >
>> > Yes, but limiting su on heavily trafficed systems is still a good
>> > thing as it slows an intruders ability to exploit the knowledge they
>> > have.
>> >
>> > Why not just change the permissions on su (or your su wrapper that is
>> > tracking usage) and make the users you want to allow members of a
>> > group (e.g. admin, powerusers).
>> >
>> > rw2
>> >
>> > --
>> > Logically, life must be possible in the Universe.
>> > Else you would not be here.
>> > Assuming you are.
>> >
>
>--
>
>Robert B. Haehnel
>Ice Engineering Research Division
>Cold Regions Research and Engineering Laboratory
>72 Lyme Road
>Hanover, NH 03755-1290
>
>Phone:  (603)646-4325
>Fax:    (603)646-4477
>e-mail: [EMAIL PROTECTED]
>web:    http://www.crrel.usace.army.mil
--
Regards Richard
[EMAIL PROTECTED]
http://people.zeelandnet.nl/pa3gcu/
Re: limit the user

Reply via email to
