M E Fieu
sibu168 at yahoo.com
Sat Jun 11 19:06:10 UTC 2005
Hi.. I defined sudoers file as
# sudoers file.
# This file MUST be edited with the 'visudo' command
# User privilege specification
root ALL=(ALL) ALL
jim ALL=(ALL) ALL
So Jim as root access, but I found Jim can modify the
log file /var/log/sudolog as well using sudo. How to
prevent it from change the log file?
Question 2. I saw the following article, don't you
feel it is stupid configuration. If Jim need to know
root password to use sudo why not let he su to root ?
# Defaults specification
Defaults:jim timestamp_timeout=0, runaspw,
This changes three things. First, "jim" needs root's
password to run sudo (because of "runaspw"). Second,
the password will not be remembered
(timestamp_timeout), and he gets only one chance to
enter it (the default is three tries).
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
More information about the users