Damian G wrote: > On Tue, 14 May 2002 13:21:59 -0700 > Mike Oliver <[EMAIL PROTECTED]> wrote: >> Michael Viron wrote: >> >>> Change the group ownership on su to root:wheel . >>> Next, remove execute permission from "other" on su. >> >> I have to say I find this option kind of puzzling. >> What's the rationale exactly? Why couldn't an >> opponent who knew the root pword just execute >> his *own* copy of su? It seems it would have nuisance >> value at best. Not that nuisance value couldn't be of >> some practical use, provided the security admin doesn't >> think it's a substitute for safeguarding passwords.
> hmm.. how about denying read access too? What would stop the opponent from transferring a copy of su from another machine?
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
