By default, the sesu utility is marked in the file system so that no one can run it. Before you make sesu available to your users, you must set database rules to ensure it is used safely. You then need to lock the system's su utility so that users are forced to use the CA ControlMinder sesu utility instead.
To set up sesu, do the following:
Note: After you complete this setup, when CA ControlMinder is running the system's su utility will not execute and users will be forced to use the secured sesu utility. When CA ControlMinder is not running, the system's su utility will work.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|