The UNIX su command lets a user switch to another user by supplying the target user's password. A user who wants to switch user IDs must therefore memorize the target user's password, write it down, or ask the target user to choose a trivial password. This violates several password policies. Also, the su command does not record who invoked the command, so a user pretending to be the owner of an account is indistinguishable from the actual owner.
CA ControlMinder includes the sesu utility, which is an enhanced version of the UNIX su command. You can configure sesu to prompt the user for their password as a means of authentication, rather than prompting for the target user's password. The authorization process is based on the access rules defined in the SURROGATE class and, optionally, on the password of the user executing the command.
Unlike permission to su, permission to sesu does not depend on knowing the target user's password. Instead, it depends on permissions specified in the database; users remain accountable for their actions because their login identities are remembered.
If a user is a surrogate to one of the users in the _surrogate group, CA ControlMinder sends a full trace of the user's actions as the new user to the audit trail.
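The following Python model, added here as an illustration and not part of CA ControlMinder or its code, contrasts the two authorization designs described above. The password hashing, the SURROGATE rule table, the `_surrogate` group membership and the account names are all constructed for the example; the point it shows is that sesu-style switching never needs the target's password and always leaves the invoker's identity in the audit record, while su-style switching does the opposite.

```python
"""Toy model of su versus sesu authorization (constructed example).

- su model: success requires the *target* account's password, and the
  audit record carries only the target identity.
- sesu model: the caller authenticates with *their own* password, a
  SURROGATE-style rule table decides whether the switch is allowed, and
  the audit record keeps the caller's login identity. Targets that are
  members of a _surrogate-like group are flagged for full tracing.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass


@dataclass
class Account:
    name: str
    salt: bytes
    pw_hash: bytes


@dataclass
class AuditRecord:
    invoker: str      # identity the audit trail attributes the switch to
    target: str       # account being switched to
    allowed: bool     # whether the switch was permitted
    full_trace: bool  # whether subsequent actions are fully traced


def _hash(password: str, salt: bytes) -> bytes:
    # PBKDF2 stands in for whatever password store the real system uses.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_account(name: str, password: str) -> Account:
    salt = os.urandom(16)
    return Account(name, salt, _hash(password, salt))


def check_password(acct: Account, password: str) -> bool:
    return hmac.compare_digest(acct.pw_hash, _hash(password, acct.salt))


# Constructed SURROGATE-style rules: target -> users allowed to become it.
SURROGATE_RULES = {
    "root": {"alice"},
    "oracle": {"alice", "bob"},
}
# Constructed _surrogate-style group: switches to these targets are fully traced.
SURROGATE_GROUP = {"root"}


def build_demo_accounts() -> dict:
    """Constructed sample accounts with known passwords for the demo."""
    return {name: make_account(name, pw) for name, pw in [
        ("alice", "alice-pw"), ("bob", "bob-pw"),
        ("root", "root-pw"), ("oracle", "oracle-pw"),
    ]}


def su_model(accounts: dict, invoker: str, target: str, password: str,
             audit: list) -> bool:
    """su: the password checked is the target's, so the invoker has to know
    it, and the audit record cannot tell the invoker from the real owner."""
    ok = target in accounts and check_password(accounts[target], password)
    audit.append(AuditRecord(invoker=target, target=target,
                             allowed=ok, full_trace=False))
    return ok


def sesu_model(accounts: dict, invoker: str, target: str, password: str,
               audit: list, require_password: bool = True) -> bool:
    """sesu: authenticate the invoker with their own password (optional, as
    the text says), then consult the SURROGATE rules; always record who
    invoked the switch, and flag full tracing for _surrogate targets."""
    authenticated = (not require_password) or (
        invoker in accounts and check_password(accounts[invoker], password))
    authorized = invoker in SURROGATE_RULES.get(target, set())
    ok = authenticated and authorized
    audit.append(AuditRecord(invoker=invoker, target=target, allowed=ok,
                             full_trace=ok and target in SURROGATE_GROUP))
    return ok


if __name__ == "__main__":
    accts, trail = build_demo_accounts(), []
    su_model(accts, "bob", "root", "root-pw", trail)      # succeeds, logged as root
    sesu_model(accts, "alice", "root", "alice-pw", trail)  # succeeds, logged as alice
    for rec in trail:
        print(rec)
```

Run as a script it prints the two audit records side by side: the su-style record attributes the switch to `root`, the sesu-style record to `alice` with `full_trace=True`. Passing the target's password to `sesu_model` fails, which is the behaviour the text describes: the target's secret is irrelevant, only the rule table and the invoker's own credential count.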
To protect against inadvertent use, sesu is marked in the file system so that no one can run it. The security administrator must mark the program as executable and setuid to root before you can use it.
Important! Before you use the sesu utility, define all users to the CA ControlMinder database and set sesu prerequisites. This prevents you from opening up the entire system to users who are not defined to CA ControlMinder.
Copyright © 2013 CA Technologies.
All rights reserved.