Help: ksu questions

Russ Allbery rra at stanford.edu
Fri Jan 7 23:36:09 EST 2011


Lee Eric <openlinuxsource at gmail.com> writes:

> Thanks Russ. So it looks like I don't need to leak my root password to
> client users, right?

Right, to me that's the main feature of ksu.  (Of course, if they're root,
they have other ways of getting the root password if they're sufficiently
devious, but usually for me the issue is policy and procedure and inherent
risk of more people knowing something, not actually untrusted users.)

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>



More information about the Kerberos mailing list