Securing ROOT

[june54]

Hello Folks

Does anyone know of any software other than " SUDO " to secure root ..We are not comfortable using free software to secure our system ...

Regards;

 

[RodKnowlton]

If you prefer to spend lots of money for software that's not likely to have been as thoroughly tested OR audited, there's always PowerBroker (or will there be? - another open source advantage is a lack of dependence on a vendor's continued existence).

- Rod


IBM Certified Advanced Technical Expert pSeries and AIX 5L
CompTIA Linux+
CompTIA Security+

A Simple Code for Posting on the Web

 

[Chapter11]

Ignoring the proseltyzer

AIX has a fair amount of such protection built-in. Edit a user via the SMIT interface of your choice, and you should note that there is a "Roles" item, that permits you to grant a user the ability to perform various root-like tasks without having to be root.

I make no warranty as to how easy or useful this functionality will be as I've never used it.

That being said, sudo is about as standard in the unix world as gzip and openssh. If you are using either of those products, you should be aware that they too are open-source.

I'm not aware of any auditing agency that considers sudo to be a security risk.