PaulDotCom mailing list archives
Generic Users
From: digitallachance at gmail.com (Francois Lachance)
Date: Sat, 5 Jun 2010 23:58:16 -0500
Did they give a reason why a generic account is a bad thing? Personally, my biggest issue with those is accountability. Who is actually using those generic account? Those are typically shared accounts by different admins from my experience. Also, how do you keep control over who knows the password to those accounts? Some software, like SAP, force you to use generic accounts. In those cases, you should not make those accounts accessible over the network. Instead (this works for UNIX environments, have your users logon to the server and then su/sudo to that account. That leaves an audit trail. On Fri, Jun 4, 2010 at 5:45 PM, Vincent Lape <vlape at me.com> wrote:
Depending on the audit you can file a compensating control if the account uses a secure means of login. (such as ssh) and restrict where the accounts can login from and what commands the account can run. Without giving too much info what are these generic accounts used for? On Jun 4, 2010, at 1:59 AM, Cezar Spatariu Neagu <cezar.spatariu at gmail.com > wrote:Hi all, I would like to ask you all about some "best practices" regarding generic users. I had an internal audit that point out that i do use generic users. My solution before this was to create many of them with very few rights. And I have some that I use in configuration files and I can not change the password. How shall I treat this issue? Thank you for the your inputs. Cezar Spatariu _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100605/0d9e6741/attachment.htm
Current thread:
- Generic Users Cezar Spatariu Neagu (Jun 04)
- Generic Users Vincent Lape (Jun 04)
- Generic Users Francois Lachance (Jun 05)
- Generic Users Butturini, Russell (Jun 06)
- Generic Users Francois Lachance (Jun 05)
- Generic Users Vincent Lape (Jun 04)