[sudo-users] sudo remove -s and -i option
michael at stroeder.com
Wed Aug 23 02:26:36 MDT 2017
Paul Cantle wrote:
> If you insist on doing it this way, you will need to exclude /bin/vi too (because you
> can gain a shell from it) as well as any other shells other than bash that you have
...and exclude any other programs giving you a shell access (like /usr/bin/less etc.)...
Typically people ask for appropriate sudoers rules for reading log files with less as
user root. Hmmpf!
More information about the sudo-users