[sudo-workers] Listing sudo authorizations for userids

Richard L Ross rross at us.ibm.com
Fri Jun 3 13:57:22 EDT 2005


We have a audit requirement (Sarbanes Oxley) to revalidate userid 
authorizations within the sudoers file.  I found a simple way of 
performing this by issuing a 'sudo -u userid -l' .. Unfortunately, it 
requires that everyone must be authorized for the 'nopasswd: sudo -l' 
command .. which is a no no in our eyes since people can find out what 
other userids are capable of.  We would like to restrict this to root only 
(and not globally authorize the -l) ..  Any suggestions??


Richard L Ross
Unix Technical Support
Rochester, NY
TL 451

More information about the sudo-workers mailing list