[sudo-users] "su" to any user BUT root + run any command without being prompted for password
Vitezslav Cizek
vcizek at suse.cz
Mon May 7 04:50:23 EDT 2012
Hi,
* V Pátek 4. květen 2012, 20:22:30 [CEST] Gonzalez, Aliep napsal:
>
> Hello All,
>
> Environment: RHEL6, native version of the sudo binary
> (sudo-1.7.2p2-9.el6.x86_64).
>
> I am trying to allow a certain group of users to be able to "su" to any
> user on the system but to root. I also want those users to be able to
> run any command on the system without being prompted for password.
>
Your requirements go against each other.
When the users can run arbitrary commands without a password,
they have plenty of ways to gain root privileges. (sudo /bin/sh, etc.)
--
Vita Cizek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: </pipermail/sudo-users/attachments/20120507/f4c337a2/attachment.bin>
More information about the sudo-users
mailing list