nanog mailing list archives
Re: Security Practices question
From: Jason Slagle <raistlin () tacorp net>
Date: Wed, 2 Oct 2002 21:28:53 -0400 (EDT)
On Wed, 2 Oct 2002, just me wrote:
In an environment where every sysadmin is interchangable, and any one of them can be woken up at 3am to fix the random problem of the day, you tell me how to manage 'sudoers' on 4000 machines. In an situation where the team needs root; all per-admin UID 0 accounts add is accountability and personalized shells/environments. Sorry to ruffle your dogma.
Have I missed something here? It seems to me having multiple uid 0's would do no good. Can't a UID 0 user change the password of any other user. Wouldn't a malicious uid 0 user just change the regular root password? How does this add any additional layer of accountability. A uid 0 user can erase the logfiles, unless they are immutable and you are in secure mode. Jason -- Jason Slagle - CCNP - CCDP /"\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . \ / ASCII Ribbon Campaign . X - NO HTML/RTF in e-mail . / \ - NO Word docs in e-mail .
Current thread:
- Re: Security Practices question Scott Francis (Oct 02)
- Re: Security Practices question Scott Francis (Oct 02)
- <Possible follow-ups>
- Re: Security Practices question Scott Francis (Oct 02)
- Message not available
- Re: Security Practices question Scott Francis (Oct 02)
- Message not available
- Re: Security Practices question Scott Francis (Oct 02)
- Re: Security Practices question just me (Oct 02)
- Re: Security Practices question E.B. Dreger (Oct 02)
- Re: Security Practices question Michael Lamoureux (Oct 02)
- Re: Security Practices question just me (Oct 03)
- Message not available
- Re: Security Practices question Barb Dijker (Oct 03)
- Message not available
- Re: Security Practices question Jason Slagle (Oct 02)
- Re: Security Practices question Joel Baker (Oct 02)
- Re: Security Practices question Scott Walker (Oct 02)
- Re: Security Practices question Valdis . Kletnieks (Oct 03)
- Re: Security Practices question Scott Francis (Oct 03)
- Re: Security Practices question just me (Oct 03)
- Re: Security Practices question Scott Francis (Oct 03)
- Re: Security Practices question alex (Oct 03)
- Re: Security Practices question William Waites (Oct 03)
- Message not available
- Re: Security Practices question Barb Dijker (Oct 02)
- Message not available
- Re: Security Practices question Barb Dijker (Oct 03)