Hi, you can change the PAM attributes of "su", avoiding local root to get user account access. Of course, if your /etc is local, you'll still have the problem.
Le jeu, 23 nov 2000, Alex Pires de Camargo a écrit : > Hi! > I administer a network with server and clients Debian based, > and would like to know if I can solve this problem. > It's a little easy to an user open a PC, damage the batteries, > boot with floppy and login as root in a client. But one thing is > undesirable. He can do su - <users> and do many things on users > homes. The rootsquash options on nfs solve the problem when the > user is root, but as I explain, this is not sufficient. > Is there anything I'm forgetting to make? On server I run > potato, nis (not nis+), nfs-kernel-server. > Thanks, > > Alex. -- AGISphere Philippe BARNETCHE 14, Boulevard Vital Bouhot 92200 NEUILLY/SEINE 01 47 45 99 92 06 10 01 68 11
