On Thu, 2005-08-04 at 21:52 +1000, Ken Foskey wrote:
> On Thu, 2005-08-04 at 21:35 +1000, Tony Green wrote:
>
> > I'm guessing you could do a dual stage 'sudo su'. One account which
> > allows sudo su access to pre-root (which the application guy has the
> > password to) and then a sudo from pre-root -> root using the password
> > which the admin guy has.
>
> I get where you are going. The whole idea where physical access = access
> is a real problem here. You are never going to lock out the
> administrators from the computer room; console logon, and even a simple
> su command, is easy if they have any accounts on the machines.
No, you configure sudo so only a particular group has access (say, 'admin' or 'wheel'), and ensure only users who need root access are in that group. This is pretty much exactly the standard way you solve the precise problem you're talking about.

By the way, if you have physical access to a machine, there are plenty of other ways you can gain root on a system. Unless you're running some kind of encrypted filesystem with a password or key needing to be manually fed into the machine at every startup (which for a server is rather inconvenient), the data is *not* physically secure.

R

> --
> Ken Foskey
> OpenOffice.org developer
>

Regards,
Ryan Verner
Director, uAnywhere

--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
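The group-based sudo policy Ryan describes, as an added example that is not part of the original thread: a sudoers fragment that grants root only to members of one group, shown beside the kind of per-user rule a dual-stage 'sudo su' scheme would rely on, plus two portable checks an admin can run (who is in the group, and whether any sudoers rule names an individual user) and an optional syntax check with visudo. The group name 'admin', the user names and the /etc/group sample are constructed for illustration, not taken from the thread.

```shell
#!/bin/sh
# Added example, not from the SLUG thread. Shows the sudoers policy the reply
# recommends (root only via one group) beside a per-user rule, plus checks.
# The group 'admin', the user names and the group-file sample are assumptions.

# Weak: a per-user rule. Every such line is a separate place root can leak
# from, and granting su hands over an unrestricted root shell anyway.
WEAK_SUDOERS='# appguy may become root via su (constructed sample)
appguy  ALL=(ALL) /bin/su
'

# Corrected: one rule for one group. Who gets root is decided by group
# membership, which can be reviewed in one place (/etc/group).
GOOD_SUDOERS='Defaults    env_reset
%admin  ALL=(ALL) ALL
'

# Constructed /etc/group sample: only ryan and tony are in the admin group.
GROUP_FILE='root:x:0:
wheel:x:10:
admin:x:1000:ryan,tony
appguy:x:1001:'

# Check 1: who is in the privileged group? Field 4 of the matching group line.
# $1 = group name, $2 = contents of a group file.
group_members() {
    printf '%s\n' "$2" | awk -F: -v g="$1" '$1 == g { print $4 }'
}

# Check 2: count sudoers rules that name an individual user instead of a
# %group, a +netgroup or a User_Alias. Comments, blank lines, Defaults and
# alias definitions are skipped. This is a coarse audit, not a sudoers parser.
# $1 = contents of a sudoers file.
per_user_rules() {
    printf '%s\n' "$1" | awk '
        /^[ \t]*(#|$)/                              { next }
        /^[ \t]*Defaults/                           { next }
        /^[ \t]*(User|Runas|Host|Cmnd)_Alias/       { next }
        $1 !~ /^[%+]/ && $1 !~ /^[A-Z][A-Z0-9_]*$/  { n++ }
        END { print n + 0 }'
}

# Optional syntax check with the real tool ("visudo -c -f FILE"); skipped with
# exit 0 if visudo is not installed. visudo may additionally complain about
# the owner of a scratch file, so treat a non-zero result as "read the output".
# $1 = contents of a sudoers file.
sudoers_syntax_ok() {
    command -v visudo >/dev/null 2>&1 || { echo "visudo not found, skipped"; return 0; }
    tmp=$(mktemp) || return 1
    printf '%s' "$1" > "$tmp"
    chmod 0440 "$tmp"
    visudo -cf "$tmp"; rc=$?
    rm -f "$tmp"
    return $rc
}

# Stand-alone run: compare the two policies.
echo "admin group members: $(group_members admin "$GROUP_FILE")"
echo "per-user rules in weak policy: $(per_user_rules "$WEAK_SUDOERS")"
echo "per-user rules in corrected policy: $(per_user_rules "$GOOD_SUDOERS")"
```

On a real system the privileged group is often called wheel or sudo rather than admin; membership is granted with `usermod -a -G <group> <user>` on Linux, and the sudoers file should always be edited through `visudo` so a syntax error cannot lock everyone out of root at once.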