Sudoers and root
Issue
- The sudoers on this system is set to < group ALL=ALL >
- All the users in the group are allowed to use any command with sudo.
- But we dont want the user to be able to user su - or su -i etc... to gain root shell.
- That can be done by excluding these commands in sudoers.
- But we would like to prevent users from been able to escape the shell they are in and getting access to root shell.
- For an example a user does sudo vi
then types :sh this will get him/her root shell. is there a way for preventing this type of escapes?
Environment
- Red Hat Enterprise Linux 6
- sudo
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
