HPE Community
Operating System - HP-UX
1834007 Members
1932 Online
110063 Solutions
New Discussion

Secure Login

 
avm
Contributor

‎03-08-2001 08:49 AM

‎03-08-2001 08:49 AM

Secure Login

Is there any way to hide a user having id 0 or
give a normal user root equivalent rights ?
thanks in advance
0 Kudos
Reply
3 REPLIES 3
Brian Markus
Valued Contributor

‎03-08-2001 09:51 AM

‎03-08-2001 09:51 AM

Re: Secure Login

I use a program named SUDO . You can allow users to do certain things as root, with out actually haveing root. Also, for operators that need to do certain things on your box you might want to look into "Restricted Sam" You type sam -r and you can assign users privaliages to do certain things in sam. For example you want them to launch Samba as user root, or as user smb, you can make an icon in sam to launch that, in the properetys for that icon you can set who it is launched by.
I would look into SUDO first.

Good luck
Brian
When a sys-admin say's maybe, they don't mean 'yes'!
0 Kudos
Reply
Jerry L. Anderson
New Member

‎03-13-2001 11:36 AM

‎03-13-2001 11:36 AM

Re: Secure Login

avm,

After some more thought I wonder if you are asking how to tell if your system has been compromised.

There are many ways for a user to hide their capabilities and actions once they have compromised root. Probably the most powerful would be a rootkit. The simplest would be a setuid root copy of a shell tucked away in some obscure directory and rarley used.

Although I personally am not aware of a rootkit for HP-UX it would certainly be possible to compile the various components on an HP platform.

If you specify your concerns a little more explicitly it may be possible to get some more applicable answers.
0 Kudos
Reply
Philip Chan_1
Respected Contributor

‎04-04-2001 06:49 PM

‎04-04-2001 06:49 PM

Re: Secure Login

I second for Brian's recommendation on SUDO,

http://www.courtesan.com/sudo/

another alternative is to grant sam admin menu items to normal users through restricted sam (sam -r).

Rgds,
Philip
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.