Re: Security Practices question

[Scott Francis <darkuncle () darkuncle net>]

On Wed, Oct 02, 2002 at 11:34:38AM -0700, darkuncle () darkuncle net said:
[snip]
> > > This is a really /really/ REALLY bad idea. I had nightmare issues dealing
> > > with a network formerly run by a 'sysadmin' who thought every user that 
> > > might need to do something as root should have a uidzero account.
> >
> > That's not the issue, however.
> >
> > The assumption is that you have several people who really are fully
> > qualified admins on the system in question, who really do need full
> > privileged access.  The choice John describes is between giving these
> > trusted sysadmins the password for "root", or giving them (and them
> > alone) a UID 0 account as he describes (except that one would of course 
> > use shadow passwords etc.)
>
> Wrong. The choice is between having a single password for the user with id 0,
> and having multiple passwords for that same account. This is an abysmally bad
> idea, and shame on anybody encouraging it. See 

(mail client sent message while I was editing it; full reply on its way.)
-- 
-= Scott Francis || darkuncle (at) darkuncle (dot) net =-
  GPG key CB33CCA7 has been revoked; I am now 5537F527
        illum oportet crescere me autem minui

Attachment: _bin
Description: