Re: Proposal: Allowing access to dmesg for users in group adm
* Nicholas D. Steeves:
> Given that our default sudoers (and afaik Ubuntu's) provides the
> following rule
>
> %sudo ALL=(ALL:ALL) ALL
>
> would it be reasonable to modify this proposal to use the "sudo" rather
> than "adm" group, given that we don't yet have a default mechanism to
> enforce a "if groups = (sudo AND adm)" mechanism?
I don't think so. sudo should be dedicated to sudo access management.
I expect that system administrators would be surprised if it confers
completely unrelated privileges.
Reply to: