On Tue, Jan 17, 2012 at 1:57 AM, Make Compile <[email protected]> wrote: > > Hi guys, > > any ideas on this? i've been been configuring out sudo account on rhel5.0, > unfortunately, i've configured sudo for a user andrew with restricted syntax > of /sbin/ifconfig when i test the account the user can still view ip settings > of linux box. any ideas on how to restrict specific command on visudo > > sample : > > editing using visudo command. > > > andrew localhost = !/sbin/ifconfig > > when i logged in using andrew's credential, and try issuing the command > /sbin/ifconfig the user andrew can still view ip settings. any ideas? is this > normal? Thanks
chmod o-x /sbin/ifconfig ? That doesn't prevent someone from uploading ifconfig. Only root should be able to change settings though. Oh, and ifconfig is obsolete ;) "ip ftw" Regards, Scott. /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
