The UNIX and Linux Forums  

Go Back   The UNIX and Linux Forums > OS Specific Forums > Linux
Sudo question Sudo question
Google UNIX.COM
Forums Portal Register Forum Rules FAQContribute Members List Arcade Search Today's Posts Mark Forums Read


Linux RedHat, Ubuntu, SUSE, Fedora, Debian, Mandriva, Slackware, Gentoo linux, PCLinuxOS. All Linux questions here!

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
sudo question melias Security 12 05-26-2008 01:10 AM
sudo, or not sudo: that is the question iBot UNIX and Linux RSS News 1 02-07-2008 10:40 AM
Sudo question Katkota UNIX for Dummies Questions & Answers 10 01-18-2008 02:35 AM
SUDO question - please help sajjad02 UNIX for Advanced & Expert Users 5 04-27-2005 08:22 AM
sudo question TRUEST UNIX for Dummies Questions & Answers 1 01-16-2004 09:53 PM

Reply
 
Submit Tools LinkBack Thread Tools Search this Thread Display Modes
  #1  
Old 01-16-2008
Registered User
  

Join Date: May 2004
Location: Brazil
Posts: 40
Sudo question
Hello, I would like to know what should I put on the sudoers file to block a determined group os using just one specific command as root?
He can do anything, but not execute program X, how can I do this?

Thank you very much.
Reply With Quote
Forum Sponsor
  #2  
Old 01-17-2008
RTM's Avatar
RTM RTM is offline
Hog Hunter
  
Simon Champion!
Join Date: Apr 2002
Location: On my motorcycle
Posts: 3,039
By using the ! and the program you don't want to run...BUT,

Quote:
It is generally not effective to ``subtract'' commands from ALL using the '!' operator. A user can trivially circumvent this by copying the desired command to a different name and then executing that. For example:

bill ALL = ALL, !SU, !SHELLS

Doesn't really prevent bill from running the commands listed in SU or SHELLS since he can simply copy those commands to a different name, or use a shell escape from an editor or other program. Therefore, these kind of restrictions should be considered advisory at best (and reinforced by policy).
Suggest you look at the options available and do it a different way.
sudoers manual
Reply With Quote
  #3  
Old 01-22-2008
Registered User
  

Join Date: May 2004
Location: Brazil
Posts: 40
Thank you very much.
Reply With Quote
Google The UNIX and Linux Forums
Reply

« Install more than one OS in a single partition... | Printer Configuration with comannd line »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode




All times are GMT -7. The time now is 01:58 AM.

The UNIX and Linux Forums RSS Feeds - Contact Us - The UNIX and Linux Forums - Archive - Top

Powered by: vBulletin, Copyright ©2000 - 2006, Jelsoft Enterprises Limited.
The UNIX and Linux Forums Content Copyright ©1993-2008. All Rights Reserved.Ad Management by RedTyger Visit The Complex Event Processing Blog

Content Relevant URLs by vBSEO 3.2.0