[sudo-users] SOX Audit of sudoers, any tools?

[Galen Johnson]

We've done something similar but have also provided some documentation on how to read it (ie, excepts from the man page and write-ups for the separate entries)

=G=

-----Original Message-----
From: sudo-users-bounces at courtesan.com [mailto:sudo-users-bounces at courtesan.com] On Behalf Of Carville, Stephen
Sent: Tuesday, March 18, 2008 7:44 PM
To: Johnson, Chad; sudo-users at sudo.ws
Subject: Re: [sudo-users] SOX Audit of sudoers, any tools?

> -----Original Message-----
> From: sudo-users-bounces at courtesan.com [mailto:sudo-users-
> bounces at courtesan.com] On Behalf Of Johnson, Chad
> Sent: Monday, March 17, 2008 5:58 AM
> To: sudo-users at sudo.ws
> Subject: [sudo-users] SOX Audit of sudoers, any tools?
>
> I need to parse the sudoers configuration for SOX audits.  Is there a
> tool to reliably perform this task?  I have checked into 'sudoers-lint'
> from the 'sudo-tools' version 1.2 but this tool is quite incomplete and
> errors on many of the entries in our sudoers file (Defaults entries for
> example).
>
>
>
> Is there a more updated version of this toolkit or another tool to
> perform this task?
>

Not that I know of.

On the past two audits I've just handed them the most recent revision of the file.  That seems to keep the auditors happy.  OTOH they may have no idea what they are looking at and don't want to admit it. :-)


Stephen Carville <scarville at landam.com>
Systems Engineer
Land America
1.626.667.1450 X1326
#####################################################################
That which does not kill us often hurts us a lot.



No virus found in this outgoing message.
Checked by AVG.
Version: 7.5.519 / Virus Database: 269.21.7/1333 - Release Date: 3/18/2008 8:10 AM

____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-users