First page Back Continue Last page Summary Graphics
Lock it Down!
Secure access to root so that you must be on the local console.
- /etc/securetty
- /etc/default/login
- /etc/pam.d/<app> or /etc/pam.conf
Restrict execution of the su command to only root (or use a wheel group as in BSD).
- chgrp wheel /bin/su
- chmod 750 /bin/su