"su -" is the switch user command. You can switch to and user provided you
supply the appropriate password for that user. If you supply the root
password when prompted, you are are in a session as root. So the easiest way
to keep people from loggin in as root using "su -" is not share the root
password.
I'm not sure you want to limit use of su. A mere user can use it to switch
to other user accts if it is warrented. It is too handy a tool to limit use
of it, what you might want to do it work up a script to log who is using it
and what accts they are switching to.
The best protection against abuse of su is good password administration
(especially root passwords).
[EMAIL PROTECTED] wrote:
> i just want to asked how can i limmit the user who can access the root...
> i mean executing (su -)... is there a way to limit them??
>
> i know that sudo is the one.. but what im talking about the command su -
> cause we already have a sudo..and thats why the other authorized user can
> excecute a command.. that allows to them..
>
> i want to know who's user are trying to log as root...
>
> any suggestions??
>
> ghem
--
Robert B. Haehnel
Ice Engineering Research Division
Cold Regions Research and Engineering Laboratory
72 Lyme Road
Hanover, NH 03755-1290
Phone: (603)646-4325
Fax: (603)646-4477
e-mail: [EMAIL PROTECTED]
web: http://www.crrel.usace.army.mil
