Login or Register to Ask a Question and Join Our Community


Cybersecurity

Sudo Usage level

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Sudo Usage level
# 1  
Old 01-13-2004
Question Sudo Usage level
Hi Admins,
I have a Security question here. We have a bunch of users ( around 25) who needs to have sudo capabilities to run some jobs. I add them in the sudoers list, once confirmed their intention.

Now im having a headache, who is accessing another persons home directory and who is changing the file permission Etc.

- Is there a way to alert the administrator once a user sudo su -
as another person ?

From my understanding an email get alerted once a person who is not in the sudoers list try to sudo su. How for the situation above.

Any advise..
# 2  
Old 01-13-2004
Have you turned on the sudo logging facility?

- F
# 3  
Old 01-13-2004
Sudo logging is nice, but be sure to have it log to syslog and have it send to a central syslog server so logs are not local. Keep in mind that a malicous educated user can still disable syslog to hide his/her actions. Always grant permissions from the standpoint of giving just enough rights to get the job done. You shouldn't grant a user root if all he needs to do is stop/start a webserver...

What OS are you on? Some UNIX flavors have "unalterable" auditing capabilities built-in that can address BSM requirements.

Cheers,

Keith
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Red Hat

SSL certificate generation on OS level or application level

We have a RHEL 5.8 server at the production level and we have a Java application on this server. I know of the SSL certificate generation at the OS (RHEL) level but it is implemented on the Java application by our development team using the Java keytool. My doubt is that is the SSL generation can... (3 Replies)
Discussion started by: RHCE
3 Replies

2. Shell Programming and Scripting

sudo: sorry, you must have a tty to run sudo

Hi, Have a need to run the below command as a "karuser" from a java class which will is running as "root" user. When we are trying to run the below command from java code getting the below error. Command: sudo -u karuser -s /bin/bash /bank/karunix/bin/build_cycles.sh Error: sudo: sorry,... (8 Replies)
Discussion started by: Satyak
8 Replies

3. Shell Programming and Scripting

sudo: sorry, you must have a tty to run sudo

Hi All, I running a unix command using sudo option inside shell script. Its working well. But in crontab the same command is not working and its throwing "sudo: sorry, you must have a tty to run sudo". I do not have root permission to add or change settings for my userid. I can not even ask... (9 Replies)
Discussion started by: Apple1221
9 Replies

4. Shell Programming and Scripting

ssh foo.com sudo command - Prompts for sudo password as visible text. Help?

I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this: #!/bin/bash rsync /path/on/local/machine/ foo.com:path/on/remote/machine/ ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies

5. UNIX for Dummies Questions & Answers

sudo - command usage

Hi, I have few doubts regarding "sudo" command. It acutally allows access to other commands as a different user. It stands for "superuser do". Now, we execute a command as sudo su - oracle Can you please tell me what does it do actually, thank you. (6 Replies)
Discussion started by: Dev_Dev
6 Replies

6. AIX

sudo log and sudo auditing

Sudo In AIX, how to find out what commands have been run after a user sudo to another user? for example, user sam run 'sudo -u robert ksh' then run some commands, how can I (as root) find what commands have been run? sudo.log only contains sudo event, no activity logging. (3 Replies)
Discussion started by: jalite19
3 Replies

7. Solaris

Difference between run level & init level

what are the major Difference Between run level & init level (2 Replies)
Discussion started by: rajaramrnb
2 Replies

8. UNIX for Dummies Questions & Answers

Unable to use the Sudo command. "0509-130 Symbol resolution failed for sudo because:"

Hi! I'm very new to unix, so please keep that in mind with the level of language used if you choose to help :D Thanks! When attempting to use sudo on and AIX machine with oslevel 5.1.0.0, I get the following error: exec(): 0509-036 Cannot load program sudo because of the following errors:... (1 Reply)
Discussion started by: Chloe123
1 Replies

9. AIX

How to monitor the IBM AIX server for I/O usage,memory usage,CPU usage,network..?

How to monitor the IBM AIX server for I/O usage, memory usage, CPU usage, network usage, storage usage? (3 Replies)
Discussion started by: laknar
3 Replies

10. HP-UX

how can I find cpu usage memory usage swap usage and logical volume usage

how can I find cpu usage memory usage swap usage and I want to know CPU usage above X% and contiue Y times and memory usage above X % and contiue Y times my final destination is monitor process logical volume usage above X % and number of Logical voluage above can I not to... (3 Replies)
Discussion started by: alert0919
3 Replies
Login or Register to Ask a Question