Re: [gentoo-user] Re: Block root user from login on xorg GUI

On Sunday 15 November 2009 16:40:48 Nikos Chantziaras wrote: > On 11/15/2009 11:22 AM, Dirk Heinrichs wrote: > > SELinux allows to spread the tasks root needs to do or can do accross > > several roles. Of course, if only one single person has root access to > > the system this doesn't make sense. B

[gentoo-user] Re: Block root user from login on xorg GUI

On 11/15/2009 11:22 AM, Dirk Heinrichs wrote: SELinux allows to spread the tasks root needs to do or can do accross several roles. Of course, if only one single person has root access to the system this doesn't make sense. But we're talking about cases where several people (incl. the malicious a

Re: [gentoo-user] Re: Block root user from login on xorg GUI

Am Samstag 14 November 2009 23:50:42 schrieb Alan McKinnon: > On Saturday 14 November 2009 22:46:18 Dirk Heinrichs wrote: > > Am Samstag 14 November 2009 16:13:04 schrieb Nikos Chantziaras: > > > Ever heard about make menuconfig? > > > > ??? > > The account foolishly being "prevented" from bypass

Re: [gentoo-user] Re: Block root user from login on xorg GUI

On Saturday 14 November 2009 22:46:18 Dirk Heinrichs wrote: > Am Samstag 14 November 2009 16:13:04 schrieb Nikos Chantziaras: > > Ever heard about make menuconfig? > > ??? The account foolishly being "prevented" from bypassing SELinux is root. So, configure a new kernel, disable SELinux, build,

Re: [gentoo-user] Re: Block root user from login on xorg GUI

Am Samstag 14 November 2009 16:13:04 schrieb Nikos Chantziaras: > Ever heard about make menuconfig? ??? Bye... Dirk signature.asc Description: This is a digitally signed message part.

Re: [gentoo-user] Re: Block root user from login on xorg GUI

On Saturday 14 November 2009 17:13:04 Nikos Chantziaras wrote: > On 11/14/2009 12:12 PM, Dirk Heinrichs wrote: > > Am Samstag 14 November 2009 10:21:35 schrieb Nikos Chantziaras: > >> You cannot impose any restrictions to the root user. root is > >> unrestricted by definition. It's useless to eve

[gentoo-user] Re: Block root user from login on xorg GUI

On 11/14/2009 12:12 PM, Dirk Heinrichs wrote: Am Samstag 14 November 2009 10:21:35 schrieb Nikos Chantziaras: You cannot impose any restrictions to the root user. root is unrestricted by definition. It's useless to even start thinking about trying. Ever heard about SELinux? Bye... Ever h

Re: [gentoo-user] Re: Block root user from login on xorg GUI

Am Samstag 14 November 2009 10:21:35 schrieb Nikos Chantziaras: > You cannot impose any restrictions to the root user. root is > unrestricted by definition. It's useless to even start thinking about > trying. Ever heard about SELinux? Bye... Dirk signature.asc Description: This is

[gentoo-user] Re: Block root user from login on xorg GUI

On 11/12/2009 10:01 PM, Mick wrote: I should know how to do this ... It isn't as simple as commenting out vc7 in /etc/securetty, right? The persistent offenders would try to start another X session on a different vc. Is there a trick I could add in /etc/pam.d/login or one of the /etc/pam.d/gdm