We have set up a sudoers policy that uses the NOEXEC tag, however users are still able to create a shell when executing the NOEXEC commands. Here is an example of the sudoers rule that isn't working:
%sudo_users ALL=(root) ALL, (root) NOEXEC: /usr/bin/vi, /usr/bin/vim
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center