[X-Unix] Sudo as Another User
Gretchen Hayman
gretchen at sedl.org
Wed Feb 25 11:27:56 PST 2004
On Feb 25, 2004, at 09:27, Kevin Stevens wrote:
> There may also be a separate
> "sudoers" file that would provide even finer control, don't know as
> I've
> never needed that.
There is, /etc/sudoers (edit using the visudo command)
By default in Mac OS X, _ANY_ admin user automatically has sudoer
privileges(!). I prefer to make such security decisions myself, so we
edit our /etc/sudoers files to only allow certain admin accounts to
have sudoer privileges. Basically it boils down to the fact that there
are some users I would trust to use Software Update, but wouldn't trust
with sudoer powers. They know just enough to be incredibly
dangerous/stupid, so no sense handing them a loaded weapon to practice
with.
I can hear the tech support call now "Yeah, I tried this command that I
saw on a site somewhere, something like 'pseudo something something
asterisk' and now stuff doesn't work. I hit command-z afterwards, but
it didn't undo." ^ ^;
Gretchen
More information about the X-Unix
mailing list