[sudo-users] How to prevent editing sudoers-file
longneck at bluewin.ch
Tue Nov 28 11:17:41 EST 2006
-----BEGIN PGP SIGNED MESSAGE-----
ok, and what if you put the sudo binary also on the read-only NFS-mount?
Am 28.11.2006 um 1:34 schrieb Matthew Hannigan:
> On Mon, Nov 27, 2006 at 10:32:33PM +0100, Claude Hohl wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>> OK, thank you guys for the tips. I solved the problem about the
>>> writable sudoers file this way:
>>> Sudoers is located on a dedicated server; and it's exported via NFS
>>> as a read-only filesystem. therefore, even as root you can not
>>> write on it!
> But you could edit the sudo binary to use a different sudoers file.
> You've raised the bar a bit, but not much.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)
-----END PGP SIGNATURE-----
More information about the sudo-users