[sudo-users] Stopping root user from editing the sudo.log file
Kevin
kkadow at gmail.com
Tue Feb 7 14:17:04 EST 2006
On 2/6/06, Shedd, Graham <Graham.Shedd at lloydstsb.co.uk> wrote:
> Has anyone come up with a way to stop a certain user who has full root privs
> from editing the /var/adm/sudolog file. I'm trying to implement something
> in the sudoers file but an having problems
Some operating systems support the concept of an "append-only"
immutable flag which can be appended to, but not truncated, deleted,
nor overwritten.
The best generic solution I can offer is to configure off-box syslog
to a remote server, a server to which that "certain user" has no
access.
Kevin
More information about the sudo-users
mailing list