Computer Hope
Software => BSD, Linux, and Unix => Topic started by: sun_os on January 26, 2012, 05:52:09 AM
-
Dear All,
I have no idea to do so the below questions:
1. I add the users and set the password. But I want to avoid someone to overwrite the shadow when log on as root .
2. The users telnet the server, browser the directory. But the telnet connect is time out. What is the first thing I need to check?
Thanks
-
I want to avoid someone to overwrite the shadow when log on as root
You can't. root is omnipotent, by definition.
-
Oh! I want to aviod two root users to edit the /etc/passwd , I don't want to set the acl to complicate the permission on the file. ???
-
I think your best bet is going to be to set up other administrative users and maybe even prevent root from logging on (other than at the console?). I assume you're thinking of SELinux's capabilities - there are some good walkthroughs >here< (http://selinux-mac.blogspot.com/2009/06/selinux-lockdown-part-one-confined.html).