On Fri, Aug 27, 2010 at 7:06 PM, Min Wang <ser.ba...@gmail.com> wrote: > > user1 can log in as local root on Linux PC1, > Even though as root, user1 can not rm /home/user2, > but he can su - user2 on Linux PC1 then rm something. You need NFS4 with gssapi. This way to access someone's file you need an appropriate (his) credentials from KDC (which will be hosted near by your LDAP server).
-- Zaar -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktimu03mozp8hq1mgcgaj_eb_bcf_ofovcfks4...@mail.gmail.com
