sudo -s

Status
Not open for further replies.
JGuru

JGuru

Wise Old Owl
That's a good question!! Either you delete the sudo executable, or move it to some
other place or rename it to a different name!! A good solution is move the executa
-ble 'sudo to your '/home/' and don't give the other users read-access or any other
access. 'Sudo' is located in the '/usr/bin' folder.
 
praka123

praka123

left this forum longback
*www.sudo.ws/pipermail/sudo-users/2003-May/001538.html

In message <OF5E57D999.156B24E2-ON86256D24.00575E49-86256D24.005773A6 at cis.cat.c
om>
so spake "Nicholas C. Aganan" (Aganan_Nicholas_C):

> How will I disable sudo -s? I don't want this functionality to be given to
> my users.

"sudo -s" is just a shortcut for "sudo $SHELL". If your sudoers
file doesn't allow users t orun shells, they won't be able to do
"sudo -s" either.

- todd
Click to expand...
Also refer:
*forums.macnn.com/archive/index.php/t-18166.html
 
Last edited:
M

mehulved

18 Till I Die............
Just make it non-executable for other users except you.
Code: 
sudo chmod o-x /usr/bin/sudo
But if your account is compromised then well this trick won't help and neither will JGuru's.
 
JGuru

JGuru

Wise Old Owl
If you want the best unbreakable protection you must include Biometrics. Including
a retina scan & a thumb print scanner. There are some Biometrics software
available in Linux. The researchers say that even finger-print can be spoofed by using
gelatin or other similar substances!! So the new Biometrics software looks for Sweat!!
Read more about it here:
*news.zdnet.com/2100-1009_22-6003440.html
 
Last edited:
mediator

mediator

Technomancer
ravix said:
any body can gain access to root by cmd "sudo -s" howto prevent this:mad:
Click to expand...

How dood?? My FC5 says "mediator is not in the sudoers file. This incident will be reported."
 
M

mehulved

18 Till I Die............
Well mediator just do this
Code: 
su
visudo
And search for tutorials on net on how to add user/group to sudoers file.
I have left the ubuntu defualt
%admin ALL=(ALL) ALL.
Well you can customise it to your needs.
 
Status
Not open for further replies.
Top Bottom