Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Restrict SUDO Access
Operating Systems Linux Ubuntu Restrict SUDO Access Post 302604428 by spynappels on Monday 5th of March 2012 03:46:37 AM
Old 03-05-2012
Your understanding is correct, but this is not a security hole unless it is managed badly.

The root user decides who is added to the sudoers file, and also what commands this user can run as sudo. While often the user is given access to all commands and can sudo any of them, this does not have to be the case. It could be set up to only allow sudo access to a small number of commands or even just to one.

As the root user (administrator) has final control over who is added to the sudoers file and what permissions they are given, it is not a security hole if they're doing their job correctly.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Apache restrict access with certificates

Hello! Does anyone know if it's possible to restrict access to apache webserver with certificates? What I want is that if a user has a certificate in his browser then he get's access, if not show error or another page. I would be very happy if someone knew! /D (2 Replies)
Discussion started by: Esaia
2 Replies

2. UNIX for Advanced & Expert Users

Restrict access to specific users.

Hi All! I would like to know if there is any specific way by which I can restrict access to apecific users (ip addresses). OS : Red hat linux Thanks! nua7 (6 Replies)
Discussion started by: nua7
6 Replies

3. UNIX for Advanced & Expert Users

Restrict Access to the folder

Hi I have requirement to create 3 new users on my server but to restrict their access to a set of particular folders. /export/home/kapil/shared, /export/home/kapil/shared/Folder1 /export/home/kapil/shared/Folder2 These folders should be accessible to all the 3 users and to me too.... (1 Reply)
Discussion started by: kapilk
1 Replies

4. Linux

Restrict NFS access to root

Hi Everybody, If there is a general NFS share in the LAN and for example this share has three files - a, b, c is there any way to restrict file access to the root user of one particular host(falcon) in the same LAN environment while the normal users from the same host(falcon) should be able... (4 Replies)
Discussion started by: sudhirav
4 Replies

5. UNIX for Dummies Questions & Answers

Restrict user access.

Hi All, How can we restrict a particular user access to a particular shell in solaris 10. Thanks in Advance. (5 Replies)
Discussion started by: rama krishna
5 Replies

6. Red Hat

Restrict user access

Hi there I have an application user on my system that wants accesses to these file systems as such: rwx: /SAPO /SAPS12 /R3_888 /R3_888B /R3_888F /R3_888R r: /usr/sap these are the existing FS permissions:ownerships: # ls -ld /SAPO (9 Replies)
Discussion started by: hedkandi
9 Replies

7. Shell Programming and Scripting

Restrict access to .ksh scripts

Hi, How to restrict access to a .ksh script in such the way that the users can only execute the script, neither read nor write. I tried the below code so that my user alone has the rwx and other users can only execute. chmod 711 sample.ksh But when I logged in as a different user... (26 Replies)
Discussion started by: machomaddy
26 Replies

8. Solaris

restrict sudo and chown in specified directory

Hi Dears, I have one requirement like this: general user A can execute command C with root privilege by sudo configuration some folders and files are created during the command C execution user A cannot access those folders and files because the owner is root user, so I want the user A... (0 Replies)
Discussion started by: crest.boy
0 Replies

9. UNIX for Dummies Questions & Answers

Restrict access

I'm trying to use squid to restrict elinks' access to certain websites(only http traffic). I have tried some configs in squid.conf but no luck. Hope someone has a bit of time to explain me how can you make these config's :) ---------- Post updated at 05:40 PM ---------- Previous update was at... (1 Reply)
Discussion started by: Birnbacher
1 Replies

10. Red Hat

Restrict sudo -i

Hi, I wanted add a group to the sudoers file so they can run sudo commands and blocked su command but it seems they can just run sudo -i to switch to root which defeats my purpose. Is it possible to block sudo -i with the help of sudoers file or any other way. Please advise. The below... (1 Reply)
Discussion started by: Jartan
1 Replies

LEARN ABOUT DEBIAN

ubuntu-build

UBUNTU-BUILD(1) 					      General Commands Manual						   UBUNTU-BUILD(1)

NAME

       ubuntu-build - command-line interface to Launchpad build operations

SYNOPSIS

       ubuntu-build <srcpackage> <release> <operation>

DESCRIPTION

       ubuntu-build provides a command line interface to the Launchpad build operations.

OPERATIONS

       Listed below are the available operations for ubuntu-build:

       status Outputs the build status of the package on Launchpad on all architectures.

       retry  Requests	that the package has another attempt at rebuilding from source.  This will only work if the package has Failed to build on
	      Launchpad.

       rescore
	      Requests that the package's build priority be raised in the build queue.	Only members of the  Launchpad	build  administrators  may
	      issue this operation, and it may only be performed on packages which Need building.

OPTIONS

       Listed below are the command line options for ubuntu-build:

       -h or --help
	      Display a help message and exit.

       Retry and rescore options:

	      These options may only be used with the 'retry' and 'rescore' operations.

	      -a ARCHITECTURE, --arch=ARCHITECTURE Rebuild or rescore a specific architecture. Valid architectures include: amd64, sparc, powerpc,
	      i386, armel, armhf, ia64, lpia, hppa.

       Batch processing:

	      These options and parameter ordering is only available in --batch mode. Usage: ubuntu-build --batch [options] <package>...

	      --batch Enable batch mode

	      --series=SERIES Selects the Ubuntu series to operate on (default: current development series)

	      --retry Retry builds (give-back).

	      --rescore=PRIORITY Rescore builds to <priority>.

	      --arch2=ARCHITECTURE Affect only 'architecture' (can be used several times). Valid architectures are: amd64, sparc,  powerpc,  i386,
	      armel, armhf, ia64, lpia, hppa.

AUTHORS

       ubuntu-build  was  written  by  Martin  Pitt  <martin.pitt@canonical.com>,  and	this  manual  page  was written by Jonathan Patrick Davies
       <jpds@ubuntu.com>.

       Both are released under the terms of the GNU General Public License, version 3 or (at your option) any later version.

ubuntu-dev-tools						     June 2010							   UBUNTU-BUILD(1)
All times are GMT -4. The time now is 05:30 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy