From: WRIGGLESWORTH, Christopher (chris.wrigglesworth@atosorigin.com)
Date: Fri Apr 08 2005 - 05:05:19 EDT
Hi Managers
I have a Solaris 8 server that is behaving quite odd. I have set up an
RBAC role to allow an operator to perform some admin tasks. As I understand
it, an RBAC role should only allow a user to su to it, it should not allow
anyone to login to the server directly as the RBAC role. However in testing
I can always login to the server directly as the role. I have tried stopping
and starting nscd but this has no effect. I have also searched sunsolve for
any patches but I've found nothing (that doesn't mean there are no patches,
just that I haven't found them :). Does anyone have any suggestions?
Below are a few detail with the usual security adjustments, if any one would
like more info let me know
System details:
SunOS HOSTNAME 5.8 Generic_117350-02 sun4u sparc SUNW,Sun-Fire-280R
/etc/user_attr
username::::type=normal;roles=rolename
rolename::::type=role;profiles=profile name
Thanks for your help.
Chris Wrigglesworth
Unix Technical Specialist, Unix Technical Support (UK),
Network Infrastructure Solutions, Atos Origin
* Chris.Wrigglesworth@atosorigin.com
_______________________________________________________
This e-mail and the documents attached are confidential and intended
solely for the addressee; it may also be privileged. If you receive this
e-mail in error, please notify the sender immediately and destroy it.
As its integrity cannot be secured on the Internet, the Atos Origin group
liability cannot be triggered for the message content. Although the
sender endeavours to maintain a computer virus-free network, the
sender does not warrant that this transmission is virus-free and will
not be liable for any damages resulting from any virus transmitted.
_______________________________________________________
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:30:31 EDT