Help: ksu questions

Russ Allbery rra at
Fri Jan 7 23:36:09 EST 2011

Lee Eric <openlinuxsource at> writes:

> Thanks Russ. So it looks like I don't need to leak my root password to
> client users, right?

Right, to me that's the main feature of ksu.  (Of course, if they're root,
they have other ways of getting the root password if they're sufficiently
devious, but usually for me the issue is policy and procedure and inherent
risk of more people knowing something, not actually untrusted users.)

Russ Allbery (rra at             <>

More information about the Kerberos mailing list