Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!cbatt!ihnp4!houxm!mhuxt!mhuxm!mhuxo!ulysses!allegra!princeton!rutgers!brl-adm!adm!barba@ALMSA-1.arpa
From: barba@ALMSA-1.arpa
Newsgroups: comp.unix.wizards
Subject: su Security
Message-ID: <4193@brl-adm.ARPA>
Date: Mon, 2-Feb-87 16:50:54 EST
Article-I.D.: brl-adm.4193
Posted: Mon Feb  2 16:50:54 1987
Date-Received: Thu, 5-Feb-87 06:59:11 EST
Sender: news@brl-adm.ARPA
Lines: 18

Need some help.  I would like to develop a c program which will check an
authorization table of users PRIOR to execution of the 'su' command.

Ideally this program will allow the user to logon as usual, however, if
the user keys in the 'su' command (root privileges) the userid will be
checked against a table of authorized users.  Should the userid be invalid,
the system will respond with a "sorry, not authorized" type of response and
either exit from the system or bring the user back to a $ prompt.  If
the userid is valid the program continues and executes the 'su' program.

Does this type of program already exist?  We are currently running under
BRL VAX UNIX [4.2BSD].

Any ideas would be appreciated.

Thanks,

Barb Archambault