AW: [leaf-user] lshd / additional users on bering - su command

2003-05-31 Thread Alex Rhomberg

> basically, as root I did: chmod 4111 /usr/local/bin/su

I would rather suggest
chmod 4755 /usr/local/bin/su
That gives you the standard permissions for su (rwsr-xr-x),
regardless of what they were before.

- Alex


leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html


AW: [leaf-user] lshd / additional users on bering - su command

2003-05-29 Thread Alex Rhomberg
> Normally, disabling root logins in regular sshd does NOT prevent
> use of su.
> (I routinely set up sshd this way on my servers.) I'd be surprised if lsh
> is different here ... but once more, I cannot be certain.

Neither lshd nor sshd nor telnetd could prevent the use of su, because they
simply start a shell where the user can start the command su, as

-rwsr-xr-x 1 root root 29116 2002-09-09 22:05 /bin/su

sshd and lshd know *nothing* about this, they just provide the transport.
If you want to prevent this, chroot the user, give him a shell with a
restricted set of commands, or change /bin/su so it is not world executable:
chmod 4750 /bin/su
and add the users that may use su to the group owning su

- Alex

PS:
SSH=Secure Shell has a misleading name, it doesn't provide a shell, just a
secure channel. The shell is still your default login shell, e.g. /bin/bash
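
A read-only check for the three permission layouts mentioned in this thread (4755, 4111 and 4750), as an added example that is not part of the original messages: it classifies the mode field that `ls -l` prints for su. The function names `classify_perms` and `audit_su` and the class labels are made up for this example.

```shell
#!/bin/sh
# Added example, not from the original thread. Read-only: it never changes modes.

# classify_perms MODE_FIELD
# MODE_FIELD is the first column of `ls -l`, e.g. -rwsr-xr-x. Prints:
#   world-exec-setuid  any local user can run the setuid binary (4755, 4111)
#   group-only-setuid  only the owner and members of the owning group (4750)
#   owner-only-setuid  setuid, but neither group nor others may execute it
#   not-setuid         no setuid bit, the binary cannot switch identity
#   invalid            not an ls mode field (return status 1)
classify_perms() {
    perms=${1%[.+@]}   # drop the ACL/SELinux marker some ls versions append
    case $perms in
        [-dlbcps][-r][-w][-xsS][-r][-w][-xsS][-r][-w][-xtT]) ;;
        *) echo invalid; return 1 ;;
    esac
    case $perms in
        ???[!sS]*)      echo not-setuid ;;         # 4th char: owner exec/setuid
        ?????????[xt])  echo world-exec-setuid ;;  # 10th char: others exec
        ??????[xs]???)  echo group-only-setuid ;;  # 7th char: group exec
        *)              echo owner-only-setuid ;;
    esac
}

# audit_su PATH
# Reports mode, owner, group and classification of the file at PATH.
audit_su() {
    path=$1
    line=$(ls -ld -- "$path") || return 1
    read -r mode _links owner group _rest <<EOF
$line
EOF
    class=$(classify_perms "$mode") || class=invalid
    echo "$path: mode=$mode owner=$owner group=$group -> $class"
}

# Run as: sh audit_su.sh /bin/su   (the script file name is an assumption)
if [ $# -gt 0 ]; then
    audit_su "$1"
fi
```

For a `group-only-setuid` result, the reported group is the one whose membership decides who may run su.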


