LinuxQuestions.org


anishkumarv 03-17-2011 07:54 AM

Is it possible to block root access!!!
 
Hi,

Is it possible to block root access to a particular directory?


With Regards
Anish Kumar.V

repo 03-17-2011 08:01 AM

You can encrypt the directory or files.

Kind regards

reed9 03-17-2011 08:02 AM

Not as far as I know, but you could disable the root account altogether.

http://edipage.wordpress.com/2008/09...miting-access/

---------- Post added 03-17-11 at 09:03 AM ----------

There's this too.
http://www.centos.org/docs/4/4.5/Sec...es-noroot.html

szboardstretcher 03-17-2011 08:07 AM

Quote:

Originally Posted by anishkumarv (Post 4293756)
Hi,

Is it possible to block root access to a particular directory.


With Regards
Anish Kumar.V

If for some reason you are giving out the 'root' password and hoping to keep users from accessing a particular directory as 'root' because of this, you need to change the password to root and not allow your users to have the password to root.

Then make a special user for them and add it to the sudoers setup and allow them access to only what they need.

IMHO - - No user except me should be allowed to have real 'root' access.

repo 03-17-2011 08:08 AM

Quote:

Originally Posted by reed9 (Post 4293765)
Not as far as I know, but you could disable the root account altogether.

http://edipage.wordpress.com/2008/09...miting-access/

If you disable root, and enable sudo, the problem is the same, no?

Kind regards

mikey99 03-17-2011 08:17 AM

Quote:

Originally Posted by anishkumarv (Post 4293756)
Hi,

Is it possible to block root access to a particular directory.


With Regards
Anish Kumar.V

You can achieve Role-Based Access Control with SELinux. You will need to use the Multi Category Security (MCS) policy. If setup correctly, you can block root from accessing confidential material. However, you will need to use dual control - define a Security Administrator, as well as the normal Systems Administrator. Give the Security Administrator control of SELinux roles, and remove the control from root.

Bottom line is, it is do-able, but not easy.

reed9 03-17-2011 08:18 AM

Quote:

Originally Posted by repo (Post 4293772)
Quote:

Originally Posted by reed9 (Post 4293765)
Not as far as I know, but you could disable the root account altogether.

http://edipage.wordpress.com/2008/09...miting-access/

If you disable root, and enable sudo, the problem is the same, no?

Kind regards

Similar, but not the same. Isn't the argument for disabling root that it means there is one less thing to guess if you're trying to crack the system? If root is enabled, you know that user name and then you just have to crack the password. Of course, from the limited info we have, that doesn't seem to be the poster's concern, but as someone else said, why do other people have the root password to begin with?

anishkumarv 03-17-2011 08:34 AM

Hi all,

Thanks for your replies. Actually, my scenario is that we are running a web server using apache-tomcat, in which our clients upload resumes, so we are allowed to upload to that particular space.

Quote:

For example, if the client bought only 250 MB of space, we restrict uploads to the 250 limit only; once the limit is exceeded, the client is not able to upload files. That is my scenario.
For that, we are running Java with root permission, so even though we changed the permissions of the particular folder inside the webapps, that does not work either, because the entire Java process is running with root permission. That is why we planned to block root access to the particular folder, through scripts, once the limit is exceeded.

Is this the right way? Or is there any other way available to restrict user uploads inside the WEBAPPS? Please guide me.


With Regards
Anish Kumar.V
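
Because a process running as root is not stopped by a folder's permission bits, the limit described in the post above has to be checked by the code that accepts the upload. The following is an added example, not part of the original thread, sketching that check in Python; the function names, the `QuotaExceeded` exception and the one-directory-per-client layout are assumptions.

```python
import os
import stat
import tempfile

QUOTA_BYTES = 250 * 1024 * 1024  # the 250 MB plan from the post


class QuotaExceeded(Exception):
    """Raised when an upload would take the client past its quota."""


def dir_usage(path):
    """Bytes held by regular files under path; symlinks are not followed."""
    total = 0
    for root, _dirs, files in os.walk(path):
        for name in files:
            try:
                st = os.lstat(os.path.join(root, name))
            except FileNotFoundError:
                continue  # deleted while we were walking
            if stat.S_ISREG(st.st_mode):
                total += st.st_size
    return total


def save_upload(stream, client_dir, filename, quota=QUOTA_BYTES, chunk=65536):
    """Stream an upload into client_dir; abort as soon as the quota is passed."""
    if os.path.basename(filename) != filename or filename in ("", ".", ".."):
        raise ValueError("filename must be a plain name, not a path")
    remaining = quota - dir_usage(client_dir)
    fd, tmp = tempfile.mkstemp(dir=client_dir, prefix=".upload-")
    written = 0
    try:
        with os.fdopen(fd, "wb") as out:
            while True:
                data = stream.read(chunk)
                if not data:
                    break
                written += len(data)  # count real bytes, not a declared length
                if written > remaining:
                    raise QuotaExceeded(f"only {remaining} bytes left")
                out.write(data)
        os.replace(tmp, os.path.join(client_dir, filename))
    except BaseException:
        os.unlink(tmp)  # never leave a partial file behind
        raise
    return written
```

The same logic carries over to a Java upload handler in Tomcat, and it works the same whether the server runs as root or as an unprivileged user.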

