[sudo-users] sudo run by root ?
David Ledger
david.ledger at ivdcs.co.uk
Fri May 11 04:07:19 EDT 2007
At 18:55 +0200 10/5/07, Michael wrote:
>I must be missing something.
>
>If you're going to log a fully trusted root, to be able to
>trace-back just in case,
>then there are much easier ways from simple things like the shell history, or
>invoking 'script', up to a using a modified security-enahnced shell.
>
>If OTOH you want to be able to check what other admins are doing, then why
>would they operate as root anyway ? They would have admin accounts and
>restricted sudo acess for special tasks.
>
>So what ? PLE
Apart from security related reasons, there is that of convenience.
If you write a script that uses sudo to give rights as root, oracle
or whatever, and root can not use sudo, then root cannot use the
script.
David
--
David Ledger - Freelance Unix Sysadmin in the UK.
Chair of HPUX SysAdmin SIG of hpUG technical user group (www.hpug.org.uk)
david.ledger at ivdcs.co.uk
www.ivdcs.co.uk
More information about the sudo-users
mailing list