[sudo-workers] disable -s
Todd C. Miller
Todd.Miller at courtesan.com
Sun Jun 8 14:08:51 EDT 2008
In message <20080608113120.GA10522 at radiocom.net.ua>
so spake Victor (wiki):
> Sorry, I see that question on subj was some time ago.
> But. Now I have situation that my users is the used commands as "sudo -
> s -u root", and on
> this not save logging information about enterred command.
>
> Maybe we can add new option on source core for disable it?
There's nothing magic about "sudo -s", it will only allow the user
to run a shell if the sudoers file allows it. It is simply shorthand
for "sudo $SHELL". If you don't want your users to be able to run
a shell, their sudoers entries just have to reflect that.
- todd
More information about the sudo-workers
mailing list