[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: Redhat security
- From: Alexander Woodby <awoodby tir com>
- To: redhat-install-list redhat com
- Subject: Re: Redhat security
- Date: Wed, 28 Oct 1998 13:58:33 -0800
cat su
#%PAM-1.0
auth required /lib/security/pam_pwdb.so shadow nullok
account required /lib/security/pam_pwdb.so
auth required /lib/security/pam_wheel.so
password required /lib/security/pam_cracklib.so
password required /lib/security/pam_pwdb.so shadow use_authtok
nullok
session required /lib/security/pam_pwdb.so
[root bsd1 pam.d]# pwd
/etc/pam.d
The first thing I recommend EVERY user of RedHat do is make the mods
above to /etc/pam.d/su
By default, ANYONE can su to root if they know the password, the
pam_wheel.so module makes it so that you must be in the root group to su
to root.
Also make SURE you put your login in /etc/groups so that you can su to
root.
As for the general secure-ness of RedHat, when I first came to my
current company they were running BSD/OS and were thoroughly
compromised, I'd barely been here when the system started crashing
because users were root and doing nasty things to the filesystems...
(didn't even bother to go to root to so it sometimes) Admittedly this
BSD system was very poorly maintained, but I scrapped it (when the users
managed to completely kill the drives) and installed RedHat. This
company had gained quite a lot of attention, since someone was selling
shell accounts on the server for IRC on IRC..... (I told you it was
severely compromised!)
Though there are STILL weekly attempts at breaking into the system there
has not yet (past 9 months or so) been a successful DOS or intrusion.
RedHat's plenty secure for me. :)
--alexander woodby
Kodenet System Administrator
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]