> Normally, disabling root logins in regular sshd does NOT prevent > use of su. > (I routinely set up sshd this way on my servers.) I'd be surprised if lsh > is different here ... but once more, I cannot be certain.
neither lshd nor sshd or telnetd could prevent the use of su, because they simply start a shell where the user can start the command su, as -rwsr-xr-x 1 root root 29116 2002-09-09 22:05 /bin/su sshd and lshd no *nothing* about this, they just provide the transport. If you want to prevent this, chroot the user, give him a shell with a restricted set of commands, or change /bin/su so it is not world executable: chmod 4750 /bin/su and add the users that may use su to the group owning su - Alex PS: SSH=Secure Shell has a misleading name, it doesn't provide a shell, just a secure channel. The shell is still your default login shell, e.g. /bin/bash ------------------------------------------------------- This SF.net email is sponsored by: ObjectStore. If flattening out C++ or Java code to make your application fit in a relational database is painful, don't do it! Check out ObjectStore. Now part of Progress Software. http://www.objectstore.net/sourceforge ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
