> > >>> Are your support users prevented from this command? >>> sudo /bin/bash >>> >> > Are they? > > Can't really say since what I described was implemented long ago and may not even be used now.. But - no they weren't - neither were they prevented from 'su -' or the other hundreds of ways you might get access to a shell. The support id could not be logged into directly - you could only su to it.. which does give some indication of 'who' in the logs .. but admittedly could be a messy audit trail.
---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
