Using SCO Unix 'asroot'
authorization to change other users passwords, use passwd command
Message-ID: References: <firstname.lastname@example.org>
SCO uses "asroot" to have the functionality of "sudo". You can use sudo on SCO systems but the built-in method is "asroot" and the various kernel authorizations that go with it. For certain tasks, like controlling printers or changing passwords, a user can be given specific power for those functions. For example, to run passwd, the user needs "auth" authorization (and doesn't need "asroot" at all), which will let them run passwd for any other user that does NOT have "auth" authorization. The idea behind this is that this user can change other users passwords, but not root's, or that of any other user who has been granted this power. It would be a major danger to do this any other way.
This is a good example of giving partial power without full root authority.
Unixware uses tfadmin for similar functionality: uw7 root privileges sudu asroot.
There are people who feel that no one should ever have direct root access, that all system maintenance should be done through sudo or something like it. Apple's Mac OS X largely follows that, and I'm not uncomfortable with it though I do have some reservations: sudo vs. root access.
See "man authorize"
Got something to add? Send me email.
(OLDER) <- More Stuff -> (NEWER) (NEWEST)
Printer Friendly Version
Increase ad revenue 50-250% with Ezoic