Re: Su from an unprivileged account

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Gene Czarcinski wrote:

On Thursday 15 April 2004 14:09, Daniel J Walsh wrote:


Nic¤ wrote:


Hi all.

Is there a way to easily configure the policy to allow
an unprivileged user to execute the su command.

By default, this is not allowed !


By default it is allowed, there is a tunable to turn this off, but a
normal user should be able to su.



Mmmm .. I wonder if it can be fine tuned enough so that a user could su to another regular user but not root or any user with sysadm_r capability? At the same time, a user with a sysadm_r capability could su to anyone.

That might be an interesting capability to have.



That is what staff_r is defined as. If you turn off user_canbe_sysadm, you will end up with regular users who can't su and
staff users who can.

Gene

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux