[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: shared root account

admittedly, i am not very familiar with sudo because i have never seen the
practical advantages of making su'ing more of a hassle by having to manage
another set of conf files and keeping track of who's a sudoer and,
therefore, have chosen not to use it.

what's to stop a person, once they've sudo'd, from editing /etc/sudoers and
giving themselves more privs?

kind regards,

on 7/6/01 6:57 AM, Steve Greenland at stevegr@debian.org wrote:

> On 06-Jul-01, 05:34 (CDT), Patrice Neff <mailinglists@patrice.ch> wrote:
>> What you want to accomplish might be possible with sudo. Install sudo
>> and thenn add the following line to the configuration
>> file. (/etc/sudoers on my machine)
>> <yourusername> ALL=(ALL) ALL
>> this will allow you to execute any command you want with
>> sudo <command>
>> but you still don't have to know the root password. The password
>> you're providing when executing sudo is yours.
> Let me add another vote for using sudo. Additional advantages are that
> one can limit what the sudoer can do, and that it logs (or can be set
> to log) all issued commands. (Except that if you allow 'sudo bash' or
> some variation, it won't log the session, just that bash started, of
> course.). But at least you'll have some audit trail.
> Steve

Reply to: