On 9/16/07, Chris <[EMAIL PROTECTED]> wrote: > So what's the "ideal" way to do things? Adding joeuser in the wheel > group and then add - joeuser ALL=(ALL) ALL in sudoers? And when the > joeuser account gets cracked, the cracker would be able to run > privileged commands?
cp /bin/sh /usr/local/bin/xsh chmod u+s /usr/local/bin/xsh then only tell the trusted users about xsh, and you can avoid sudo altogether.
