The Linux and Unix Menagerie: "2. Take the idea of making generic accounts su-only one step further and start restricting access to the su binary as much as possible. If you can get away with it, ensure that your /usr/bin/su file is chowned to root:special and chmod'ed to 4750. Now only root and users who belong to the "special" group can even use su to do anything. Everyone else will get an error just for trying to run it."
Subscription
Categories
- HowTos (612)
- Linux Devices (40)
- Linux Diggs (620)
- Linux News (1541)
- Linux Videos (24)
Recent Posts
Blog Archive
-
▼
2008
(2301)
-
▼
August
(1065)
- HOWTO: Managing Active Directory Users Under Linux...
- ATI R500: Mesa vs. Catalyst Benchmarking
- Wish list: 10 improvements for KDE 4.2
- LyX 1.6 is ready for release
- Make etexts pretty with GutenMark
- Hans Reiser Sentenced to 15-to-Life
- Novell Gets Close to Linux Foundation, Microsoft G...
- AXFS, Advanced Execute In Place Filesystem
- Microsoft Breaks IE8 Interoperability Promise
- Where the Linux laptops live
- Another Reason to Avoid Samsung, Microsoft and Nik...
- FreeBSD - A better chioce for the Open Desktop?
- Preventing Brute Force Attacks With Fail2ban On Fe...
- Interview: Andy Hertzfeld
- Nepomuk, KDE To Introduce the Semantic Desktop
- Nvidia 55nm Parts Are Bad Too
- Lenovo Demands Vow of Silence From Windows Wantaway
- Gerald Carter of Likewise talks about LDAP for Lin...
- Track your investments with Grism
- Android Market Debuts - Now Let's See Some Phones
- Distribution Release: Kiwi Linux 8.08
- What the FSF is doing Wrong
- EVDO and VoIP for remote audio transmission
- InformationWeek: Linux Foundation’s Collaboration ...
- Behind the Doors of the Free Software Foundation
- Dell Unveils New Vostros With Ubuntu
- Wikis in Education: Teaching Students to Share Kno...
- Quebec sued for ignoring Free Software
- The A-Z of programming languages: Python
- Thomas Vander Stichele: mach 0.9.4 ‘Maroc’ is rele...
- Thomas Vander Stichele: Congrats
- Automatic backup for sporadically connected client...
- Distribution Release: Turbolinux 12
- Flock Social Networking Web2.0 Browser in openSUSE
- Create Time-availability Maps with Perl and Google...
- Run emacs from init
- Development Release: PC-BSD 7.0 Beta 1
- Development Release: Pardus Linux 2008.1 Beta
- Linux Jumps To 13.4 Percent Of The Stalling Server...
- An open letter to Barack Obama and the DNC (or, ch...
- Greens urge end to software patents
- Developing For the Embedded Linux Nokia N810
- Running A File- And Print-Server With eBox On Ubun...
- Behind the doors of the Free Software Foundation
- Linux Foundation announces end user summit
- Eco Innovation in the Datacenter — A Slide Deck by...
- Interview with Tom Wickline, of the Bordeaux Project
- Can Open Source Replace Microsoft Exchange?
- BSD Job Trends
- Ignoring open source will put companies at a serio...
- Make etexts pretty with GutenMark
- LyX 1.6 is ready for release
- Linux Systems Being Hit By SSH-Key Attacks
- Debating the Firefox SSL Certificate
- Online Encyclopedia Shell Script For Linux And Unix
- Taking the Pulse of the Eclipse Ecosystem
- Astaro: Tapping the Channel for Security Revenue
- A Real Space Oddity Arrives at PC Pro
- The Problem With Open-source Revenue Models
- Four Twitter clients for Linux
- Nettop is "almost fanless"
- Vista FUD?
- Indywiki: Visual browser for Wikipedia
- 10 "Really Cool" Icon Sets for Ubuntu/GNOM...
- Psystar Responds to Apple Suit, Will Countersue
- Is There a Future for UltraSPARC Workstations?
- Acetoneiso2 - A Full Feature Rich Image/ISO Tool F...
- VisionTek Radeon HD 4870 X2 2GB
- How the bad documentation hurts GNU/Linux.
- Software Patents Riot Spreads to Four Continents
- New Version of Xen Hypervisor Hits the Streets
- Mozilla Introduces New Ubiquity Mashup Machine
- SSH Key-based Attacks
- Versioned MySQL Backups with Bazaar
- Penguins Linux Ad (YouTube video)
- KMess - MSN Messenger Client for KDE in openSUSE L...
- Voiceroute execs talk about going (mostly) open so...
- Inside the SFLC's "Practical Guide to GPL Comp...
- Space Cube - The World's Smallest Linux PC
- Sun for Sale?
- Be a Productive Linux User
- Cisco buys PostPath, targets Microsoft Exchange
- Easy file uploads with Droopy
- Development Release: Debian Live 5.0 Beta 1
- Moving LVM volumes to a different volume group
- Novell and Microsoft: Stop with the FUD already
- Anatomy of Linux Dynamic Libraries
- 5 Factors Making Ubuntu Server Business Ready
- 10 Fundamental Differences Between Linux and Windows
- Tailf - watch the linux log file grows
- Linux under attack: Compromised SSH keys lead to r...
- News to know: Psystar vs. Apple; WGA; Linux under ...
- One Less Windows User
- Development Release: SimplyMEPIS 8.0 Beta 1
- Be a Productive Linux User
- PostPath: Enterprise-strength open source alternat...
- RDesktop - remote desktop howto
- HowTo: Install Linux Hardware Browser
- RDesktop - remote desktop howto
- Interview With Kris Moore, PC-BSD Lead Developer
-
▼
August
(1065)
ILoveTux - howtos and news | About | Contact | TOS | Policy
0 comments:
Post a Comment