4 Apr
2005
4 Apr
'05
12:56 p.m.
On Tue, 2005-04-05 at 00:09 +1200, Bnonn wrote:
What am I missing?
Sudo supports granular controls on what each use can execute, see sudoers(5) for detailed information, but as an Administrator I could give a user permission to perform certain tasks on a machine but not others (IE. They can restart apache, but not anything else). Sudo logs each command that is executed, this provides the administrator with an audit trail of what commands users have been executing as root on the machine. Yes this can be easily bypassed, but that's where usage policy comes in... Regards -- Matt Brown matt(a)mattb.net.nz Mob +64 275 611 544 www.mattb.net.nz