[sudo-users] Deny all command on /var/log/sudolog
Jordi Espasa Clofent
jespasac at minibofh.org
Wed Aug 5 11:34:57 EDT 2009
Edward Capriolo escribió:
> With your sudo configuration it does not seem like you can since you
> are using wild card configurations a user can sudo any program like
> vi. I use this type of configuration on trusted administrators. I
> would suggest doing a remote syslog. This way no one will be able to
> change the syslog audit trail.
Yes. It's a option.
--
Thanks,
Jordi Espasa Clofent
More information about the sudo-users
mailing list