On 7/1/09 3:08 PM, "Frank Cox" <theatre at sasktel.net> wrote: > On Wed, 01 Jul 2009 15:05:58 -0700 > Gary Greene wrote: > >> . With sudo, >> you get a record of what command was executed with superuser rights by whom >> at whenever given hour. > > sudo bash I didn't think I had to be THAT pedantic of what you add to the allows and disallows.... Its called common sense here. If the sub-process will give you an unrestricted shell, and you don't trust xyz user, block it from being allowed.