Hi Security Gurus:
I have following set up:
Multiple Linux PCs use OpenLdap to authenicate, and mount /home to NFS
server
The goals are:
(1) User have its own root passwd of their own Linux PC, and can do
whatever they want on their own Linux PC
(2) but can not damage any other network resources etc. e.g : rm files
on NFS server.
The issue is:
e.g:
on NFS server, there are: /home/user1, /home/user2 etc
user1 has root pw on its own Linux PC1,
user2 has root pw on its own Linux PC2
user1 can log in as local root on Linux PC1,
Even though as root, user1 can not rm /home/user2,
but he can su - user2 on Linux PC1 then rm something.
Any idea how to do it without give up (1) )?
Thanks
Sincerely
Min Wang
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4c77e29a.70...@gmail.com