[sudo-users] Deny all command on /var/log/sudolog

Jordi Espasa Clofent jespasac at minibofh.org
Wed Aug 5 11:34:57 EDT 2009

Edward Capriolo escribió:

> With your sudo configuration it does not seem like you can since you
> are using wild card configurations a user can sudo any program like
> vi. I use this type of configuration on trusted administrators. I
> would suggest doing a remote syslog. This way no one will be able to
> change the syslog audit trail.

Yes. It's a option.

Jordi Espasa Clofent

More information about the sudo-users mailing list