Restrict ‘su’ command – SUSE

Leave a comment Linux , Leave a comment

By default all user has access to command “su”. This command allows login to other user from current shell. Of course they should know target user password. The problem is you cannot have control/log of users once they switched successfully. What happens if the user by chance able to switch as root?

Desired secure method to switch across user is restrict “su” command. Enforce them to use “sudo” instead. Continue reading “Restrict ‘su’ command – SUSE”


How to use SUDO Runas alias?

Leave a comment Linux Leave a comment

Usually SUDO used by non-superuser to run command with root privileges. But in few scenario application/commands stick with it native user. Even with root user privileges it won’t work as expected. For example to run any oracle commands you need to be oracle user.

Here consider mission critical application “xapp1” and it uses user “app1”. Allowing others to login as app1 will result in trouble. The secure way is to allow user to execute limited commands as app1 user. Continue reading “How to use SUDO Runas alias?”