user with root priviledge
William Hooper
whooperhsd3 at earthlink.net
Tue Apr 20 17:50:20 UTC 2004
Björn Persson said:
> William Hooper wrote:
>
>> Björn Persson said:
>>
>>>Wouldn't it be rather difficult to construct a sudoers file so that a
>>>user can do anything an administrator might possibly need to do but not
>>>in any way manipulate the log?
>>
>>
>> Sure, remote logging.
>>
>> Any log on the local machine is suspect, so if it is important set up
>> remote logging.
>
> sudo service network stop, or reboot without networking, or just yank
> the cable. No more remote logging - and if someone asks you had a
> perfectly good reason to take the machine offline for a little while. :-)
If the user has physical access or the ability to boot into single user
mode it doesn't matter what you are using, because it isn't your machine
it is theirs :-)
--
William Hooper
More information about the fedora-list
mailing list