Problems with sudo
Matt Shields
matt-urrlRJtNKRMsHrnhXWJB8w at public.gmane.org
Fri Nov 27 14:24:38 EST 2009
Is there anyone on the list that has some suggestions on securing sudo? For
years we've used sudo to give our developers and qa access to production
servers run cat, less, more and tail to view logs, but nothing else. But a
recent know it all developer who seems to think that he shouldn't abide by
rules has figured out that in less if you hit ! then /bin/bash he can get a
root shell. Anyone know of a way of forbidding dropping to shell from any
of these applications?
-matt
http://www.sysadminvalley.com
http://www.beantownhost.com
http://www.linkedin.com/in/mattboston
Mike Ditka <http://www.brainyquote.com/quotes/authors/m/mike_ditka.html> -
"If God had wanted man to play soccer, he wouldn't have given us arms."
More information about the Discuss
mailing list