[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Limiting admin privileges

On Thursday 13 December 2001 08:05 am, Robert Kerr wrote:
> Hi all,
> My group is looking into providing Linux workstations to the engineers,
> but we're worried about future problems regarding admin privileges.  We
> would like to give our engineers root on their boxes so they can set them
> up and provide patches and such.  But, su-ing to root will also allow them
> to access any other users' files (since we have an automount NFS daemon
> which will mount the other users' home directories when accessed).  What
> kind of utilities are available that would allow the users admin-type
> privileges, but disallow their munging others' files?
> Thanks


for what it is worth, the drives that i have mounted on my machine via nfs 
cannot be changed via root. root is an unpriviledged user so far as the nfs 
mounted files are concerned. my normal user can only change files which the 
user has access to. same for root. these files are exported from an hp-ux 
machine. in order for root to have priviledged access on my machine, the 
exporting machine has to explicitly set the privileges.

for more information on this refer to man exports under "User ID Mapping"

allen wayne best
contractor, diagnostics and support tools
"your friendly neighborhood rambler owner"
"my rambler will go from 0 to 105"
Current date: 9:32:15::350:2001

Ramblers -- Don't you wish everyone had one?

Reply to: