On Wednesday 20 August 2008 13:53:45 Dan Linder wrote: > Additionally, I don't want them to be able to shell out (:shell) and > get a root prompt. The NOEXEC stanza for sudoers turns this off: So instead I'll open /usr/bin/vi and replace it with /bin/sh :)