Fwd: Sudo to all users
George Meharry II
gmeharry at yahoo.com
Tue Jul 10 17:45:58 EDT 2001
Patrick ...
Though I'm sure someone else will respond with perhaps
a better suggestion, there are about four (4) rules
that will need to be defined ... I don't have the
sudoers man page in front of me but it'll be something
like ..
!/path_to_su/su,\
/path_to_su/su *,\
!/path_to_su/su root,
!/path_to_su/su -
What these rules are stating:
1) the user cannot run su,
2) that when run, su must have a parameter (check
doco for actual syntax)
3) that when run with a parameter, the parameter
cannot be root
4) that when run with a parameter, the parameter
cannot be "-"
This in effect restricts the user as you really want
.. however keep this in mind, once you grant acces to
a [slew of] command[s], you open a potential can of
worms (or better stated, it's easier to grant access
to specific commands than open the door and then
restrict).
Any other comments sudo collegues?
Best of luck Pactrick!
George
Note: forwarded message attached.
__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/
-------------- next part --------------
An embedded message was scrubbed...
From: "Patrick Dwyer" <padwyer at hotmail.com>
Subject: Sudo to all users
Date: Tue, 10 Jul 2001 08:35:51 -0400
Size: 3005
URL: </pipermail/sudo-users/attachments/20010710/44c32dc0/attachment.mht>
More information about the sudo-users
mailing list