[sudo-users] sudo + ldap security
David Thiel
lx at redundancy.redundancy.org
Tue Mar 8 13:15:07 EST 2005
Greetings,
I'm considering using LDAP to store sudo configuration data, but I can't
see any way to keep any user of a sudo-controlled machine from browsing
that data in LDAP. With regular sudoers, I at least have the assurance
that users can only read rules that apply to them personally, and that
the whole of that data can only be read by root. Has anyone found any
clever ways to mitigate this?
Thanks,
David
More information about the sudo-users
mailing list