Scott Ribe wrote:
> On Mar 14, 2012, at 9:01 AM, David Ondrejik wrote:
>
>> In Linux you can setup and use the "sudo" option. For those whom you don't wish to have root access, simply make
themsudousers, then change the root password. This will force those users to simply type "sudo" (w/o quotes) at the
beginningof each command they want to run (i.e. sudo psql db_name "insert into....").
>
> Sure, you mean like this command:
>
> sudo su root
If properly (mis)configured.
On the other hand, you can provide very limited root access on a
command-by-command and user-by-user basis with more complex sudo
configurations, and while the first request will ask for a password,
further requests within the configured authorization timeout will still
be logged even if the user isn't asked for their password.
-kgd