Re: sudo question


 



On Sat, Jun 11, 2005 at 12:06:10PM -0700, M E Fieu wrote:
> # User privilege specification
> root    ALL=(ALL) ALL
> jim     ALL=(ALL)       ALL
> Defaults logfile=/var/log/sudolog
> So Jim has root access, but I found Jim can modify the
> log file /var/log/sudolog as well using sudo.  How to
> prevent it from changing the log file?

If Jim has full sudo access, Jim can do anything -- you'll have to trust
him. You could change syslog to log to a remote system, but even then,
that'd be easy to get around.

(You could also do something complicated with SELinux, but it'd be just that
-- complicated.)

-- 
Matthew Miller           mattdm@xxxxxxxxxx        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>
Current office temperature: 82 degrees Fahrenheit.
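
An added example, not part of the original message: a small audit that reads a sudoers text, lists users granted an unrestricted ALL command list as root, and reports which of them can therefore rewrite a local sudo logfile such as the one in the question. Assumptions: the function names are hypothetical and the parsing is simplified (no aliases, no groups, no #include handling).

```python
import re

# Constructed sample: the sudoers lines quoted in the question.
SAMPLE_SUDOERS = """\
# User privilege specification
root    ALL=(ALL) ALL
jim     ALL=(ALL)       ALL
Defaults logfile=/var/log/sudolog
"""

# who  host = (runas) commands  (simplified grammar, see assumptions above)
SPEC_RE = re.compile(
    r"^(?P<who>\S+)\s+(?P<host>[^=\s]+)\s*=\s*"
    r"(?:\((?P<runas>[^)]*)\)\s*)?(?P<cmds>.+)$")
TAG_RE = re.compile(r"^(?:[A-Z_]+:\s*)+")  # NOPASSWD:, NOEXEC:, ...

def audit_sudoers(text):
    """Return (users with an unrestricted root grant, local logfile or None)."""
    unrestricted, logfile = [], None
    # Join backslash-continued lines, then skip comments and blanks.
    for line in text.replace("\\\n", " ").splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("Defaults"):
            m = re.search(r"\blogfile\s*=\s*\"?([^\s\",]+)", line)
            if m:
                logfile = m.group(1)
            continue
        m = SPEC_RE.match(line)
        if not m:
            continue
        cmds = [TAG_RE.sub("", c.strip()) for c in m.group("cmds").split(",")]
        # With no (runas) part, sudo runs the command as root.
        runas = (m.group("runas") or "root").split(":")[0]
        runas_users = {r.strip() for r in runas.split(",")}
        # A bare ALL in the command list, run as root or ALL, is full root.
        if "ALL" in cmds and runas_users & {"ALL", "root"}:
            unrestricted.append(m.group("who"))
    return unrestricted, logfile

def log_tamper_risk(text):
    """Non-root users whose grant lets them edit the local sudo logfile."""
    users, logfile = audit_sudoers(text)
    if logfile is None:
        return []
    return [(u, logfile) for u in users if u != "root"]
```
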

