sudo and /etc/sudoers
Karl F. Larsen
klarsen1 at gmail.com
Mon Dec 29 12:55:50 UTC 2008
Matthew Flaschen wrote:
> Karl F. Larsen wrote:
>> The two Subject things and their man pages are the most obscure
>> information I have ever seen on my computer. They do work but in trying
>> to explain to myself HOW they work was a thankless job. I have an idea
>> how it works but why is it so darn crude? It would seem that someone who
>> fully understands the code could write something that makes /etc/sudoers
>> much easier to read.
> Keep in mind that /etc/sudoers does more than just say, "Johnny can have
> root but Billy can't". It provides very fine granularity (which users
> and/or groups, which executables, which password to ask, etc.).
> Designing a better file format would be possible but non-trivial.
> Matt Flaschen
Yes and it is seldom used. With a lot of thought, if I was running a
Unix computer with many users I would disable sudo, get me a root
password, and handle the users with which groups they belong to. Limit
the amount of space each can use, and things like that.
Karl F. Larsen, AKA K5DI
PGP 4208 4D6E 595F 22B9 FF1C ECB6 4A3C 2C54 FE23 53A7
More information about the ubuntu-users