Re: Securetty: limits root login while allowing 'su -'

To: debian-security@lists.debian.org
Subject: Re: Securetty: limits root login while allowing 'su -'
From: Bernd Eckenfels <ecki@calista.eckenfels.6bone.ka-ip.net>
Date: Fri, 24 Oct 2003 02:50:17 +0200
Message-id: <[🔎] E1ACq9h-0000E6-00@calista.eckenfels.6bone.ka-ip.net>
In-reply-to: <[🔎] slrnbpghvr.3o6.ennio@deby.ei.hnet>

In article <[🔎] slrnbpghvr.3o6.ennio@deby.ei.hnet> you wrote:
> I discovered I could 'su -' to root in the excluded ttys.  Do you think
> this is normal behaviour or does my system need re-configuration ?

This is the intended normal behaviour. Idea behind it is to avoid random
admins logging into the system as root so they are not trackable. If the
login as non root and use su, they at least are visible in last.

I think you could, however add "auth requisite pam_securetty.so" to
/etc/pam.d/su, but havent tried.

Greetings
Bernd
-- 
eckes privat - http://www.eckes.org/
Project Freefire - http://www.freefire.org/

Reply to:

Follow-Ups:
- Re: Securetty: limits root login while allowing 'su -'
  - From: Russell Coker <russell@coker.com.au>

References:
- Securetty: limits root login while allowing 'su -'
  - From: "Ennio-Sr" <nasr.laili@tin.it>

Prev by Date: Re: Securetty: limits root login while allowing 'su -'
Next by Date: Re: Securetty: limits root login while allowing 'su -'
Previous by thread: Re: Securetty: limits root login while allowing 'su -'
Next by thread: Re: Securetty: limits root login while allowing 'su -'
Index(es):
- Date
- Thread