|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Security Practices question
On Wed, 02 Oct 2002 17:48:16 PDT, just me said: > In an situation where the team needs root; all per-admin UID 0 > accounts add is accountability and personalized shells/environments. Accountability is always good, but you can do even better with sudo (Sorry, I couldn't resist). As far as personalized shells/environments go, I've found that this helps a lot: export ENV=~/.kshrc (for ksh-based systems) export BASH_ENV=~/.bashrc (for bash-based boxes) su -m (or whatever "save the environment" parameter your su has) and voila, you have your preferred environment. Bottom line - per-admin UID 0 doesn't give you anything you couldn't get via other means. (And please, no flames about using su rather than sudo, or the wisdom of using su and preserving the environment - I've already done the analysis and decided it's correct *for the machines in question*.) -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech Attachment:
pgp00007.pgp
|