Date: Wed, 4 Oct 2000 14:41:26 -0500 From: Dan Nelson <dnelson@emsphone.com> To: "Dan Mahoney, System Admin" <danm@prime.gushi.org> Cc: questions@FreeBSD.ORG Subject: Re: Securing SU Message-ID: <20001004144126.A7295@dan.emsphone.com> In-Reply-To: <Pine.BSF.4.21.0010041149160.28646-100000@prime.gushi.org>; from "Dan Mahoney, System Admin" on Wed Oct 4 11:57:50 GMT 2000 References: <Pine.BSF.4.21.0010041149160.28646-100000@prime.gushi.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Oct 04), Dan Mahoney, System Admin said: > After searching the archives for "su and telnet" and reading about > 250 entries on how you can't telnet as root, man ttys for how to > change this.... > > My question is different (thank god)... > > I was wondering if there was a way to configure su so that it would > disallow a user access if they're telnetted in. (but, say, allow > them if they have sshed in). That's just about impossible. You /could/ have your program try and trace its process parentage back to one that was spawned from sshd, but that wouldn't work for screen sessions, since the front and back halves communicate between fifos, and they sould have been started on different machines. -- Dan Nelson dnelson@emsphone.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001004144126.A7295>