[sudo-users] How to prevent editing sudoers-file
Matthew Hannigan
mlh at zip.com.au
Mon Nov 27 19:34:40 EST 2006
On Mon, Nov 27, 2006 at 10:32:33PM +0100, Claude Hohl wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> > OK, thank you guys for the tips. I solved the problem about the
> > writable sudoers file this way:
> > Sudoers is located on a dedicated server; and it's exported via NFS
> > as a read-only filesystem. therefore, even as root you can not
> > write on it!
But you could edit the sudo binary to use a different sudoers file.
You've raised the bar a bit, but not much.
Matt
More information about the sudo-users
mailing list