Tech Journal Back to Tech Journal

How can I limit the people who can use su?

This is an old idea (I think everyone has done this, except for me.) Anything you want to limit to only a few users, create a group for it, and add the special users to it. In this case, the su command. You don't want your kids to be able to switch to root without your prior consent, so you might create or modify the wheel group (nothing special about the name, it's just become a de facto convention) to include any users you wish to be able to run su (like: root, yourself, and any other administrators.) The simplest way of doing this, is to edit /etc/groups.

Once you've done that set the ownership and permissions of su to only allow the wheel group use it:

$ chown .wheel /bin/su
$ chmod 4750 /bin/su
Last updated on 2001-09-11 14:00:00 -0800, by Shalom Craimer

Back to Tech Journal