This incident will be reported - Security & Cryptography

Users browsing this thread: 2 Guest(s)
venam
Administrators
Quote:root is not in the sudoers file. This incident will be reported.
I've always wondered, why root is added by default to the sudoers file?

Also:
Quote:sudoers can log both successful and unsuccessful attempts (as well as errors) to
syslog(3), a log file, or both. By default, sudoers will log via syslog(3) but
this is changeable via the syslog and logfile Defaults setting
And in auth.log
Code:
Jul  3 12:07:40 computer sudo:     root : user NOT in sudoers ; TTY=pts/30 ; PWD=/home/patrick ; USER=root ; COMMAND=t

It's your syslog implementation (for me here it's rsyslog) configuration that is forwarding it by email, it might not be default on all systems.


Messages In This Thread
This incident will be reported - by z3bra - 03-07-2017, 06:00 AM
RE: This incident will be reported - by venam - 03-07-2017, 06:14 AM
RE: This incident will be reported - by venam - 07-07-2017, 03:22 AM
RE: This incident will be reported - by r4ndom - 07-07-2017, 05:13 AM
RE: This incident will be reported - by venam - 07-07-2017, 05:28 AM