Different password for the hosts file?

dotcomlarry

macrumors regular
Original poster
Jul 16, 2002
188
0
Akron, PA
Hi all... I'm trying to block some domains from being accessed on my laptop that don't need to be.... only problem is, certain people can edit the /etc/hosts file just fine by punching in the password.... Is there a way to assign it a different password just for that file? I don't want to create new users (in fact, it's not an option... don't ask) or change my existing password (it's used by others). Any way to do this? Ideally i would only assign a new password to JUST the hosts file, but I'm not sure if this is possible (not much of a *nix geek).

Thanks for any help in advance
 

yellow

Moderator emeritus
Oct 21, 2003
16,033
1
Portland, OR
No, you cannot do this.

My suggestion.. create a new account that is NOT an admin account for the others that are using your PB. Since they are not part of the admin group, they are not in /etc/sudoers and cannot edit /etc/hosts.
 

dotcomlarry

macrumors regular
Original poster
Jul 16, 2002
188
0
Akron, PA
from looking at some of the documentation of the sudoers file, it would *seem* as tho i could edit the %admin group (which includes my account) to be able to do everything *but* edit the /etc/hosts file... that way they couldn't sudo the hosts file. Or.. am I wrong?
 

yellow

Moderator emeritus
Oct 21, 2003
16,033
1
Portland, OR
Have you looked at the sudoers man page? It's not easy to configure..

And you'd have to create another account to edit /etc/hosts, or edit /etc/sudoers to allow you to do it, which these people you're trying to 'secure' can also do..

Plus, I believe /etc/sudoers is only checked in the CLI, if someone tries to edit the file from inside the GUI from an admin account, they shouldn't be stopped.

I still think creating a non-admin account for them would be the best (easiest) solution.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.