[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] taking away admin's shell access
- Subject: Re: [cobalt-security] taking away admin's shell access
- From: Bob Griffor <bgriffor@xxxxxxxxxxxxxx>
- Date: Tue, 03 Oct 2000 21:41:18 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
At 07:56 PM 10/3/2000 -0700, you wrote:
Note.. Doing this will probably void your warranty, but it is very simple
root@cobalt # pico -w /etc/passwd
and where you see the entry for admin look like this
admin:x:110:100:Administrator:/home/sites/home/users/admin:/bin/bash
See where it says /bin/bash? You are just going to add a "d" to make it
ba_d_sh
admin:x:110:100:Administrator:/home/sites/home/users/admin:/bin/badsh
CTRL+X to save it, and you must be root to do it.
got it? Thought so... Nice and easy. Cobalt will probably void your
warranty for editing the password file, so be very careful.
There doesn't seem to be a "checkbox" for denying admin this right. Is
there some way to do this through the shell? If so, explicite directions
would be appreciated.
[---]
Bob Griffor - bgriffor@xxxxxxxxxxxxxx
Network Operations Center Analyst
Interliant (Fomerly Sage Networks)
"Building Global Communities"