[sudo-users] How to prevent editing sudoers-file
Stephen Carville
stephen at totalflood.com
Wed Nov 29 17:06:38 EST 2006
Matthew Hannigan wrote:
> On Mon, Nov 27, 2006 at 10:32:33PM +0100, Claude Hohl wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>>> OK, thank you guys for the tips. I solved the problem about the
>>> writable sudoers file this way:
>>> Sudoers is located on a dedicated server; and it's exported via NFS
>>> as a read-only filesystem. therefore, even as root you can not
>>> write on it!
>
> But you could edit the sudo binary to use a different sudoers file.
>
> You've raised the bar a bit, but not much.
True but trip wire should catch that.
> Matt
>
>
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
--
Stephen Carville <stephen at totalflood.com>
Unix and Network Admin
Nationwide Totalflood
6033 W. Century Blvd
Los Angeles, CA 90045
310-342-3602
More information about the sudo-users
mailing list