On Tue, 23 Mar 1999, Scott D. Yelich wrote:
> So, this client owns their own isp. They have root access. They often
> type "passwd" without an account to change the password for one of
> their account -- yet they zap the root password. Ignore my solution --
> how would you prevent this provided that the isp owner will not stop
> using the command and you don't want to write a wrapper for them around
> the root command (since it's not a single person who does this).
Easy enough, use something like sudo and adjust your passwd program (you
have source right?) to disallow the changing of the root password. Only
allow them to execute your passwd changing <program/script/wrapper>
through sudo. You're the con<in>sultant. It's your job to protect them
from themselves. :-)
Matt
``````````````````````````````````````````````````````````````````
Matt Simerson http://users.michweb.net/~matt
MichWeb Inc. - President http://www.michweb.net
The Art Farm - Technical Wizard http://www.theartfarm.com
Better to dare Mighty Things and fail, than to live in __o
a gray twilight where there is neither victory or _-\<,_
defeat. -- attributed to Theodore Roosevelt ......(_)/ (_)
``````````````````````````````````````````````````````````````````
