[sudo-users] How to prevent editing sudoers-file
Claude Hohl
longneck at bluewin.ch
Tue Nov 28 11:17:41 EST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
ok, and what if you put the sudo binary also on the read-only NFS-mount?
;-p
Am 28.11.2006 um 1:34 schrieb Matthew Hannigan:
> On Mon, Nov 27, 2006 at 10:32:33PM +0100, Claude Hohl wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>>> OK, thank you guys for the tips. I solved the problem about the
>>> writable sudoers file this way:
>>> Sudoers is located on a dedicated server; and it's exported via NFS
>>> as a read-only filesystem. therefore, even as root you can not
>>> write on it!
>
> But you could edit the sudo binary to use a different sudoers file.
>
> You've raised the bar a bit, but not much.
>
> Matt
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)
iD8DBQFFbGElkPADilYGTHwRApKWAJ97XFE4cAO4tSc2KPW0UK9bPsVBkACcCjYa
Ia0y3/U/a2XF+dZB5g/G97I=
=x57+
-----END PGP SIGNATURE-----
More information about the sudo-users
mailing list