Difference between revisions of "HIDS 5402"
From Atomicorp Wiki
m |
m |
||
| Line 5: | Line 5: | ||
Explanation: | Explanation: | ||
| − | This means that a user or process successfully used [[https://en.wikipedia.org/wiki/Sudo sudo]] execute a command as root. | + | This means that a user or process successfully used [[https://en.wikipedia.org/wiki/Sudo sudo]] to execute a command as root. |
| + | |||
| + | Notes: | ||
| + | |||
| + | Careful analysis of sudo logs is recommended to ensure that users authorized to run root level commands, via sudo, are not exceeding their authority. | ||
Revision as of 14:07, 18 December 2011
Example log message:
Server sudo: tortix : TTY=unknown ; PWD=/var/asl/www ; USER=root ; COMMAND=/var/asl/bin/asl --validate_gui
Explanation:
This means that a user or process successfully used [sudo] to execute a command as root.
Notes:
Careful analysis of sudo logs is recommended to ensure that users authorized to run root level commands, via sudo, are not exceeding their authority.
