for everyone whose sick of sudo read this

Steve Feehan sfeehan at sbb.uvm.edu
Wed Jun 29 23:00:54 UTC 2005


On Wed, Jun 29, 2005 at 06:43:08PM -0400, Stephen R Laniel wrote:
> On Thu, Jun 30, 2005 at 10:33:48AM +1200, Stephen Ward wrote:

> I wonder if there's any way to make it impossible to touch
> /etc/sudoers without visudo. Or at least make it even more
> difficult -- 

You could make the file immutable, which it appears not to be:

$ sudo lsattr /etc/sudoers
----------------- /etc/sudoers

And it seems if you make the file immutable, then visudo doesn't
know how to handle this. Of course, it could. Though since this
is so obvious there may be a good reason why this tactic is not
used. Perhaps it's file system specific, though ext3 being the 
default on ubuntu I suppose visudo could be patched to at least
check.

-- 
Steve Feehan




More information about the ubuntu-users mailing list