[sudo-users] Audit tool for Sudo

Tim Bradshaw tfb at tfeb.org
Sat Apr 14 09:11:46 MDT 2018


I wrote such a thing, called sdrep, which unfortunately I can't distribute as it was done as part of a contract and I don't own it.

It works by parsing sudoers files, which is surprisingly hard to do really reliably.  As a result of my whinging, Todd added a feature to sudo which means it can spit out a JSON file (thanks Todd!): I have a plan to redo sdrep to make use of this (and make the result more widely available) although I haven't made any significant progress.

A few years ago (2012?) when I wrote sdrep there did not seem to be any other tool which was really usable.

--tim

> On 13 Apr 2018, at 14:40, Price, Dean <dprice1 at metlife.com> wrote:
> 
> Folks,
> Is anyone aware of any tools that can audit Sudo and provide a report for what users have access to run in Sudo?
> 
> Thank you,
> Dean A. Price, CISSP
> MetLife - IT Security Consultant
> dprice1 at metlife.com
> 570-585-3407
> 
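Added example (not part of the original thread, and not sdrep): a sketch of the kind of per-user report asked about, built from sudo's JSON export rather than by parsing sudoers text. The sample document is constructed, and its key names are assumed to follow the output of `cvtsudoers -f json`; check them against the output of your sudo version. Only user aliases are expanded; host and command aliases are shown by name.

```python
import json
from collections import defaultdict

# Constructed sample; key names are assumed to match `cvtsudoers -f json`.
SAMPLE = """{
 "User_Aliases": {"ADMINS": [{"username": "alice"}, {"username": "bob"}]},
 "User_Specs": [
  {"User_List": [{"useralias": "ADMINS"}],
   "Host_List": [{"hostclass": "ALL"}],
   "Cmnd_Specs": [{"runasusers": [{"username": "root"}],
                   "Options": [{"authenticate": false}],
                   "Commands": [{"command": "ALL"}]}]},
  {"User_List": [{"usergroup": "backup"}],
   "Host_List": [{"hostname": "db1"}],
   "Cmnd_Specs": [{"Commands": [{"command": "/usr/bin/rsync"}]}]}
 ]}"""

def label(member):
    """Render one member object, e.g. {"usergroup": "backup"} -> "%backup"."""
    kind, value = next((k, v) for k, v in member.items() if k != "negated")
    text = ("%" if kind == "usergroup" else "") + str(value)
    return ("!" if member.get("negated") else "") + text

def expand(members, aliases):
    """Yield labels for a User_List, replacing user aliases by their members."""
    for m in members:
        if "useralias" in m and not m.get("negated"):
            yield from expand(aliases.get(m["useralias"], []), aliases)
        else:
            yield label(m)

def report(text):
    """Map each user or %group to (hosts, runas, command, nopasswd) tuples."""
    doc, out = json.loads(text), defaultdict(list)
    aliases = doc.get("User_Aliases", {})
    for spec in doc.get("User_Specs", []):
        hosts = ",".join(label(h) for h in spec.get("Host_List", []))
        for cs in spec.get("Cmnd_Specs", []):
            # No runas list: assumes runas_default is unchanged (root).
            runas = ",".join(label(r) for r in cs.get("runasusers", [])) or "root"
            nopasswd = {"authenticate": False} in cs.get("Options", [])
            for who in expand(spec.get("User_List", []), aliases):
                out[who].extend((hosts, runas, label(c), nopasswd)
                                for c in cs.get("Commands", []))
    return dict(out)

if __name__ == "__main__":
    for who, rules in sorted(report(SAMPLE).items()):
        print(who, rules)
```

Rules that combine `ALL` commands with `nopasswd` set are the ones to review first in such a report.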


