sudoer security problem on server
I am exposed to a sudoer security problem on a server.
the server is running debian etch and every so often users on it
would ask me for sudoer permissions.
I would simply add
username ALL=(ALL) ALL
to the /etc/sudoers file. But now I am worried, it is a developement
server that devs on it wants some privileges to install stuffs.
but what I did is literally giving them root privileges. They can do
anything they want on it although I guess they would not do anything
malicious on it.
I wonder if a sysadmin should keep the root privilege safe and not
give sudo to anybody anybody else. and if there is more secure ways of
enabling root privilege to normal users?
Thanks for any pointers.