[sudo-users] How to prevent editing sudoers-file

[Matthew Hannigan]

On Mon, Nov 27, 2006 at 02:31:30AM +0100, Huibert.Kivits at mail.ing.nl wrote:
> If you store all sudo authorizations in LDAP, you can be certain the
> user has no ability to change his sudo authorizations.

All you need to do is turn sudo auth by ldap, which can be done
by root.

Really this is a dead-end; leave it.

(I'm surprised no-one has mentioned sudoshell yet -- or have they?)

Matt