sudo and rksh
Heikki Korpela
heko at saitti.net
Tue Apr 17 12:56:32 EDT 2001
I'm a bit frustrated at my colleagues using sudo just to switch to
super-user mode when they login to a server and then operate as
super-users until they exit the system. I've been trying to talk
to them about this but it seems they're mainly forgetting about
my pleads out of habit.
I was thinking about restricting their rights to rksh, chown, chmod,
cat, less, vim and grep. This wouldn't of course prevent them from
using rksh to jump to another shell from a security point of view,
but it might gently force them to use alternative ways of operation
and prevent accidents that happen when over-using the root shell.
Does this sound tyrannic or entirely beyond the limits of common
sense? I will of course discuss with my colleagues first, but I
prefer to make a fool of myself in front of the world instead
of in front of my friends.
<!-- ---------------------- 72 characters -------------------------- -->
Heikki Korpela -- heko at saitti.net
More information about the sudo-users
mailing list