Denying commands in sudoers
Lennart Sorensen
lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org
Tue Jul 25 20:29:36 UTC 2006
On Tue, Jul 25, 2006 at 11:10:34AM -0400, Neil Watson wrote:
> Is it possible to configure sudoers to allow all commands except a
> select few? I want allow all commands with sudo except the editing of
> the suders files, and any attempts to become root (su, su -, su root).
Bad idea. There are thousands of ways to become root if you can execute
commands as root.
sudo vim
:sh
id
Hmm..
What you think you want, can not be done.
--
Len Sorensen
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list