I have three different solutions:
1. Restrict su to group executable (take away other executable privilege) and
   add the authorized users to the group.
2. Use sudo
3. Declare the privileged users in the wheel group [I think it only works on
   SunOS 4.1.x]
I am going with solution 1 for the present and solution 2 in about 2 weeks from
now ;-)
Thanks to:
Bill Hathaway <wdh@poss.com>
Todd Herr <todd_herr@hermes.sra.com>
Matthew Stier <Matthew.Stier@tddny.fujitsu.com>
System Administrator <smitty@ConnectI.com>
Burak Baysal <bbaysal@ee.siue.edu>
Mark Hargrave <hargrme@wisdom.maf.nasa.gov>
"Eric D. Pancer" <eric@outlook.net>
Leif Ericksen <phantom@wwa.com>
Karl Boehnker <s1033761@admiral.umsl.edu>
Todd Herr <todd_herr@hermes.sra.com>
Tim Fritz <tim@wayback.er.usgs.gov>
Sean <shadow6@bellsouth.net>
Ann Benninger <ahb@exelixis.com>
"Steve Baylon" <steveb@sqq89.com>
Benjamin Cline <benji@hnt.com>
Leonard Miyata <leonard@geminisecure.com>
David Lew <dlew@jps.net>
Timothy Lorenc <lorenct@load.com>
Rob Leonard <r.leonard@metrolink.net>
"Rodney C. Marable" <marable@mage.netgen.com>
Original question:
>Hi all:
>
>I am looking for a way to restrict the `su root` privilege to only two users on
>the system.  Is it possible on Solaris 2.6?
>
>I have already restricted root login to console but su can be performed from
>anywhere.
>
>I checked the Solaris Answer Book as well as the FAQ for this list but did not
>find any.  Please help.  Will summarize.
>
>Sanjiv
>-- 
>Sanjiv K. Bhatia                Department of Math & Computer Science
>sanjiv@aryabhat.umsl.edu        University of Missouri -- St. Louis
>voice: (314)-516-6520           St. Louis, MO 63121-4499
>fax  : (314)-516-5400           http://www.cs.umsl.edu/Faculty/sanjiv.html
>
-- Sanjiv K. Bhatia Department of Math & Computer Science sanjiv@aryabhat.umsl.edu University of Missouri -- St. Louis voice: (314)-516-6520 St. Louis, MO 63121-4499 fax : (314)-516-5400 http://www.cs.umsl.edu/Faculty/sanjiv.html
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:48 CDT