Quoting Eric F Crist <ecrist at secure-computing.net>:

> On Feb 5, 2008, at 2:04 PM, Josh Welch wrote:
>
>> Quoting Eric F Crist <ecrist at secure-computing.net>:
>>
>>>>
>>>> Yes, sudo logs all commands that are run through it.  su doesn't.
>>>
>>>
>>> This is slightly misguided.  Even with sudo, you can sudo su <user>
>>> and where the su to <user> will be logged, anything done while su'd is
>>> not logged.  Only commands invoked directly with sudo are logged.  In
>>> this case, logging is no better than it is with su.
>>>
>>
>> Note that the proper approach here would be to simply disallow doing a
>> sudo to su if you're on a multi-user system where such things matter.
>> One of the nice things about sudo is that you can specify with a fair
>> degree of granularity what users are allowed to issue what commands as
>> the superuser.
>
>
> Hardly a work-around as I could execute sudo <favorite_shell_here>.

Ummm, what makes you think I gave you access to `sudo bash` if I
didn't give you access to `sudo su`? ;)

> It really boils down to a couple of options:
>
> 1)	You trust your users, give them sudo access.
> 2)	You don't trust your users, don't give them sudo access.
> 3)	You don't trust your users, give them a limited set of commands.
> 	* With this, I would recommend a 'take it all away' and give them what
> they need approach.

This is the way I've always given sudo access: users get only the
commands they need. Of course, I've never met a user I trust :)

Josh
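
The "take it all away and give them what they need" approach discussed in this thread can be checked mechanically. The following is an added example, not part of the original message: a small Python audit of simple one-line sudoers rules that flags grants which leave an unlogged root shell reachable. The sample rules, user names, finding labels and the shell list are constructed assumptions, and aliases and line continuations are not handled.

```python
import re

# Assumption: command basenames treated as handing out an interactive shell.
SHELLS = {"su", "sh", "bash", "zsh", "csh", "tcsh", "ksh", "dash"}

# Constructed sample rules for illustration (not taken from the thread).
SAMPLE = """\
# constructed sample
alice   ALL = (root) /usr/sbin/service apache2 restart, /usr/bin/tail /var/log/messages
bob     ALL = (ALL) ALL
carol   ALL = (root) ALL, !/bin/su, !/bin/bash
dave    ALL = (root) NOPASSWD: /bin/su - postgres
"""

def audit(text):
    """Return {user: [findings]} for plain 'user host = (runas) cmds' lines."""
    report = {}
    for line in text.splitlines():
        line = line.strip()
        # Skip blanks, comments, Defaults and alias definitions.
        if (not line or line.startswith(("#", "Defaults"))
                or "_Alias" in line or "=" not in line):
            continue
        lhs, rhs = line.split("=", 1)
        user = lhs.split()[0]
        rhs = re.sub(r"\([^)]*\)", "", rhs)    # drop runas spec, e.g. (root)
        rhs = re.sub(r"\b[A-Z_]+:", "", rhs)   # drop tags, e.g. NOPASSWD:
        cmds = [c.strip() for c in rhs.split(",") if c.strip()]
        issues = []
        has_all = "ALL" in cmds
        if has_all:
            # Everything is allowed, so only the first sudo call is logged.
            issues.append("unrestricted-ALL")
        if has_all and any(c.startswith("!") for c in cmds):
            # sudoers(5) warns that subtracting commands from ALL with '!'
            # is generally not effective; an allowlist is needed instead.
            issues.append("denylist-on-ALL")
        for c in cmds:
            if c.startswith("!"):
                continue  # negated entries grant nothing themselves
            path = c.split()[0]
            if path.rsplit("/", 1)[-1] in SHELLS:
                issues.append("shell:" + path)
        if issues:
            report[user] = issues
    return report

if __name__ == "__main__":
    for user, issues in audit(SAMPLE).items():
        print(user, ", ".join(issues))
```

Only `alice`, whose rule lists explicit commands, passes without findings; this does not replace `visudo -c` for syntax checking.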