Educause Security Discussion mailing list archives
Re: Local Admin Rights
From: "Krulewitch, Sean" <krulewit () IU EDU>
Date: Mon, 28 Mar 2005 13:54:49 -0500
On Tuesday, March 15, 2005 8:05 AM, Brian Fetcie wrote:
I'm curious as to what other campuses are doing in regards to this issue. How did you handle the politics (i.e. the power user, or even average user, who are convinced they must have admin privs)? I'm interested in any experiences, the good, the bad and the ugly. Thank you in advance.
While we leave this decision up to the individual departments, we strongly encourage them to have their users run day-to-day as a normal user accounts. I think it's important to note that having users run day-to-day as a User is not necessarily the same thing as not giving the access to the local administrator password. We do not recommend Power User as its trivial to become an Admin with Power User rights. Running as a User instead of Power User/Admin is often the difference between a complete rebuild of the OS as opposed to a simple "clean" when a user gets compromised with a piece of malware. -Sean -- Sean Krulewitch, Chief Security Engineer IT Security Office, Office of the VP for Information Technology Indiana University For PGP Key or S/MIME cert: https://www.itso.iu.edu/staff/krulewit/ ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Attachment:
smime.p7s
Description:
Current thread:
- Local Admin Rights Brian Fetcie (Mar 15)
- <Possible follow-ups>
- Re: Local Admin Rights Jacobson, James (Mar 15)
- Re: Local Admin Rights Michelle Mueller (Mar 15)
- Re: Local Admin Rights Gary Flynn (Mar 15)
- Re: Local Admin Rights Matt Kirchhoff (Mar 15)
- Re: Local Admin Rights Brian Fetcie (Mar 15)
- Re: Local Admin Rights Jeff Giacobbe (Mar 15)
- Re: Local Admin Rights Krulewitch, Sean (Mar 28)