[2194] in Info-AFS_Redistribution
Special SU program?
daemon@ATHENA.MIT.EDU (Allen Hebert)
Fri Nov 19 16:01:48 1993
From: Allen Hebert <allen@ibmoto.com>
To: info-afs@transarc.com
Cc: dykes@ibmoto.com, sck@ibmoto.com
Date: Fri, 19 Nov 93 12:51:57 -0600
[ ] Motorola Proprietary Confidential/IBM Confidential
[X] Internal Use Only
[ ] Unclassified
We are using Transarc's authenticating login which makes use of
the PAG shell. We like the PAG shells features, but we would still
like to get the users token when we, as administrators, su to the
user's account. This really helps in debugging user problems.
I understand that that is one of the security holes that is plugged
by using PAG shells, but we would like to be able to gain the user's
environment somehow. Here is the type of program that we would like
to see:
- Allows Root to su to a user's account and get user's token.
- Could require Root to enter the Admin password, or some
other privledged password in order to gain this access.
So what my question is, "Does anyone know of such a program?"
and if not, how would I go about writing my own? is it possible,
or does AFS guard against this type of access.
Thanks
*-----------------------------------------------------------------*
| Allen Hebert | allen@ibmoto.com |
| 3:o[ (smiley - pets) | (Somerset Local E-mail) |
| | allenh@daffy.sps.mot.com |
| (512) 795-7306 | (Internet E-mail) |
| Systems/Network Engineering | |
*-----------------------------------------------------------------*
