North American Network Operators Group


Re: Security Practices question

  • From: Scott Francis
  • Date: Wed Oct 02 14:50:52 2002

On Wed, Oct 02, 2002 at 11:34:38AM -0700, [email protected] said:
[snip]
> > > This is a really /really/ REALLY bad idea. I had nightmare issues dealing
> > > with a network formerly run by a 'sysadmin' who thought every user that 
> > > might need to do something as root should have a uidzero account.
> > 
> > That's not the issue, however.
> > 
> > The assumption is that you have several people who really are fully
> > qualified admins on the system in question, who really do need full
> > privileged access.  The choice John describes is between giving these
> > trusted sysadmins the password for "root", or giving them (and them
> > alone) a UID 0 account as he describes (except that one would of course 
> > use shadow passwords etc.)
> 
> Wrong. The choice is between having a single password for the user with id 0,
> and having multiple passwords for that same account. This is an abysmally bad
> idea, and shame on anybody encouraging it. See 

(mail client sent message while I was editing it; full reply on its way.)
-- 
-= Scott Francis || darkuncle (at) darkuncle (dot) net =-
  GPG key CB33CCA7 has been revoked; I am now 5537F527
        illum oportet crescere me autem minui

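An audit for the situation argued over in the quoted text, added here as an example and not part of the original message: it lists every login name that maps to UID 0 and which of those names can authenticate with a password. The sample passwd and shadow contents, the account names and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample files (not from the thread); hashes are placeholders.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
jsmith0:x:0:0:John Smith (admin):/home/jsmith:/bin/sh
toor:x:0:0:alternate root:/root:/bin/sh
jsmith:x:1001:1001:John Smith:/home/jsmith:/bin/sh
malformed line without enough fields
"""
SAMPLE_SHADOW = """\
root:$1$CONSTRUCTED$hashA:11962:0:99999:7:::
jsmith0:$1$CONSTRUCTED$hashB:11962:0:99999:7:::
toor:*:11962:0:99999:7:::
jsmith:!$1$CONSTRUCTED$hashC:11962:0:99999:7:::
"""

def names_by_uid(passwd_text):
    """Map numeric UID -> login names, skipping malformed lines."""
    by_uid = defaultdict(list)
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) == 7 and fields[2].isdigit():
            by_uid[int(fields[2])].append(fields[0])
    return by_uid

def password_enabled(shadow_text):
    """Login names whose shadow field permits password authentication."""
    enabled = set()
    for line in shadow_text.splitlines():
        fields = line.split(":")
        # '*' or a leading '!' marks a locked entry; an empty field needs no password.
        if len(fields) >= 2 and not fields[1].startswith(("!", "*")):
            enabled.add(fields[0])
    return enabled

def audit_uid0(passwd_text, shadow_text):
    """Report every name mapped to UID 0 and which accept a password."""
    names = names_by_uid(passwd_text).get(0, [])
    live = password_enabled(shadow_text)
    return {
        "uid0_names": names,
        "extra_uid0": [n for n in names if n != "root"],
        "password_enabled": [n for n in names if n in live],
    }

if __name__ == "__main__":
    for key, value in audit_uid0(SAMPLE_PASSWD, SAMPLE_SHADOW).items():
        print(f"{key}: {value}")
```

On the sample data, two separate passwords open the same numeric identity, and the locked `toor` entry still counts as an extra name for UID 0.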