On Fri, 2003-11-07 at 12:50, Ron Johnson wrote: > On Fri, 2003-11-07 at 12:35, Alex Malinovich wrote: > > On Fri, 2003-11-07 at 10:55, Ron Johnson wrote: > > > On Fri, 2003-11-07 at 09:30, Tom wrote: > > > > * [07/11/2003 16:25] J. Bruce Fields <bfields@fieldses.org>: > > > > > > > > > > The all-privilege sudo is the best idea, since the actions are > > > > > > audited. > > > > > > > > > > Though note that the auditing is there to keep the honest honest--surely > > > > > the audit trail isn't truly secure against an user with "all-privilege > > > > > sudo". > > > > > > > > Also, I read the word(s) "single-use" in the subject line as "one-time > > > > use". Not sure if that's what he meant, but if it is, I guess sudo isn't > > > > exactly what he wanted either. > > > > > > The OP can enable sudo privs only when he's going to be gone for > > > any appreciable amount of time. > > > > Unfortunately, most of the time that I need them to do something is when > > I'm in class, which is 4 evenings every week. And usually, the reason I > > need something done is because I need it while I'm in class and it can't > > wait until I get home. So enabling sudo 4 afternoons a week and then > > disabling it 4 evenings a week is not really an option. > > cron to the rescue!!!! That would allow them to log in any number of times for any reason, 4 nights of the week. That doesn't do much against defending against the aforementioned stupidity. :) -- Alex Malinovich Support Free Software, delete your Windows partition TODAY! Encrypted mail preferred. You can get my public key from any of the pgp.net keyservers. Key ID: A6D24837
Attachment:
signature.asc
Description: This is a digitally signed message part