Path: utzoo!attcan!uunet!seismo!sundc!pitstop!sun!amdcad!weitek!pyramid!versatc!tran
From: tran@versatc.UUCP (Tony Tran)
Newsgroups: comp.unix.questions
Subject: Security problem with local root user on SUN workstations
Keywords: local root
Message-ID: <3228@versatc.UUCP>
Date: 15 Nov 88 08:58:57 GMT
Organization: Versatec, Santa Clara, Ca. 95051
Lines: 16


 We run into a big security problem on our SUN local network when a user
 who has access to root (on the local workstation) decides to "su" to
 any valid username on the YP server, and therefore access any file
 he wants.

 Since I cannot keep track of all local root users in the SUN NFS
 environment, how can I get around this serious problem ?

 Any hint/advice would be greatly appreciated.

 Tony Tran

-- 
UUCP: {sun|ames|pyramid|vsi1|mips}!versatc!tran  	Tony Tran
Versatec, 2805 Bowers Avenue, Santa Clara, Calif 95051 (408)982-4317