Help: ksu questions
Lee Eric
openlinuxsource at gmail.com
Sat Jan 8 01:09:41 EST 2011
Thanks Russ, that's very clear. BTW, I think client users shall use
ksu under local machine, not remote machines. Because I notice that
ksu will prompt me that it's unsafe if I type Kerberos password under
insecure connection.
Eric
On Sat, Jan 8, 2011 at 12:36 PM, Russ Allbery <rra at stanford.edu> wrote:
> Lee Eric <openlinuxsource at gmail.com> writes:
>
>> Thanks Russ. So it looks like I don't need to leak my root password to
>> client users, right?
>
> Right, to me that's the main feature of ksu. (Of course, if they're root,
> they have other ways of getting the root password if they're sufficiently
> devious, but usually for me the issue is policy and procedure and inherent
> risk of more people knowing something, not actually untrusted users.)
>
> --
> Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
More information about the Kerberos
mailing list