On Fri, Aug 05, 2005 at 06:13:14AM +1000, James wrote: > On 8/4/05, Ken Foskey <[EMAIL PROTECTED]> wrote: > > Got this one today, strange one: > > > > "Do you know if it is possible to setup a Linux redhat server to require > > two passwords to gain root access? The responsibilities for the server > > are going to be split over two different teams and we don't want either > > to have root access without the other team knowing about it. Please let > > me know if you can come up with something." > > > > Basically they would like to set up the machine so that it requires two > > people to sign in to root, an application guru and an administrator. > > If anything is destroyed then they are both accountable as they look > > over each others shoulders. > > I hope you don't mean literally "over each others shoulders" as the > whole 2 password thing becomes redundant once they shoulder surf each > other ;-).
There was an article written a while ago about a kernel module that blocked all attempts to start new applications to run unless a preconfigured usb device was plugged into the system, so no new process could be start as root. You could give one team the usb key and team the root password! hard part is find the info on this usb kernal module > > > -- > James > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html >
signature.asc
Description: Digital signature
-- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
