On Thu, 2005-08-04 at 21:35 +1000, Tony Green wrote: > I'm guessing you could do a dual stage 'sudo su'. One account which > allows sudo su access to pre-root (which the application guy has the > password to) and then a sudo from pre-root -> root using the password > which the admin guy has.
I get where you are going. The whole idea where physical access = access is a real problem here. You are never going to lock out the administrators from the computer room, console logon and even a simple su command is easy if they have any accounts on the machines. -- Ken Foskey OpenOffice.org developer -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
