Security Basics mailing list archives

Re: Application Admins with Local Admin on Servers

From: Joseph Brown <joseph.brown1 () fuse net>
Date: Thu, 12 Jul 2007 08:59:41 -0400

We give developers Admin/root privileges on development boxes, but noton production. Developers must submit a request to a server admin tomake production changes.


Joe Brown


Megan Kielman wrote:

System Administrators -

I am trying to get a feel for what other companies do with regard to
application developers needing local admin privileges on servers. I am
specifically working in a Windows environment but believe that the
same principles would apply in any environment. Here are my questions:

Do you grant admin privileges to application developers?
If not, do you grant them specific access or do you take care of the
work for them?

I do understand that it is a violation of separation of duties to
allow application developers to have local admin or root on systems, I
am simply try to get an idea of what the rest of the community does in
practice.

Thanks!

Current thread:

Application Admins with Local Admin on Servers Megan Kielman (Jul 11)
- Re: Application Admins with Local Admin on Servers Malcolm Heath (Jul 11)
- Re: Application Admins with Local Admin on Servers Ansgar -59cobalt- Wiechers (Jul 11)
- RE: Application Admins with Local Admin on Servers Petter Bruland (Jul 11)
- Re: Application Admins with Local Admin on Servers Yousef Syed (Jul 11)
- Re: Application Admins with Local Admin on Servers Adam Pal (Jul 11)
- Re: Application Admins with Local Admin on Servers Joseph Brown (Jul 12)
- <Possible follow-ups>
- Re: Application Admins with Local Admin on Servers levinson_k (Jul 11)
- Re: Application Admins with Local Admin on Servers krymson (Jul 13)