Path: utzoo!attcan!uunet!lll-winken!lll-tis!mordor!joyce!ames!ucsd!ucsdhub!jack!nusdhub!rwhite
From: rwhite@nusdhub.UUCP (Robert C. White Jr.)
Newsgroups: comp.unix.wizards
Subject: Re: Booting SunOS 4.0 singlu user (was Re: NFS security)
Message-ID: <1157@nusdhub.UUCP>
Date: 12 Sep 88 20:30:29 GMT
References: <12397@duke.cs.duke.edu>
Organization: National University, San Diego
Lines: 16

in article <12397@duke.cs.duke.edu>, ndd@romeo.cs.duke.edu (Ned D. Danieley) says:
> If I understand what you've described, the only way to protect a
> workstation from someone booting it single user is to deny root
> the ability to log in on that workstation. Doesn't sound very elegant
> to me.

Actually, I don't see what would be wrong with
requiring a user to log in as themselves and
then su to root.

That way you would have some record of who did
what when.  Of course a smart little sniper would
just empty/edit sulog, but making only normal logins
legal, and then allowing su generally makes sense to
me.

Rob.