nanog mailing list archives
Re: Security Practices question
From: Valdis.Kletnieks () vt edu
Date: Thu, 03 Oct 2002 12:27:30 -0400
On Wed, 02 Oct 2002 17:48:16 PDT, just me said:
In an situation where the team needs root; all per-admin UID 0 accounts add is accountability and personalized shells/environments.
Accountability is always good, but you can do even better with sudo (Sorry, I couldn't resist). As far as personalized shells/environments go, I've found that this helps a lot: export ENV=~/.kshrc (for ksh-based systems) export BASH_ENV=~/.bashrc (for bash-based boxes) su -m (or whatever "save the environment" parameter your su has) and voila, you have your preferred environment. Bottom line - per-admin UID 0 doesn't give you anything you couldn't get via other means. (And please, no flames about using su rather than sudo, or the wisdom of using su and preserving the environment - I've already done the analysis and decided it's correct *for the machines in question*.) -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
Attachment:
_bin
Description:
Current thread:
- Re: Security Practices question, (continued)
- Message not available
- Re: Security Practices question Scott Francis (Oct 02)
- Message not available
- Re: Security Practices question Scott Francis (Oct 02)
- Re: Security Practices question just me (Oct 02)
- Re: Security Practices question E.B. Dreger (Oct 02)
- Re: Security Practices question Michael Lamoureux (Oct 02)
- Re: Security Practices question just me (Oct 03)
- Message not available
- Re: Security Practices question Barb Dijker (Oct 03)
- Re: Security Practices question Jason Slagle (Oct 02)
- Re: Security Practices question Joel Baker (Oct 02)
- Re: Security Practices question Scott Walker (Oct 02)
- Re: Security Practices question Valdis . Kletnieks (Oct 03)
- Re: Security Practices question Scott Francis (Oct 03)
- Re: Security Practices question just me (Oct 03)
- Re: Security Practices question Scott Francis (Oct 03)
- Re: Security Practices question alex (Oct 03)
- Re: Security Practices question William Waites (Oct 03)
- Message not available
- Re: Security Practices question Barb Dijker (Oct 02)
- Message not available
- Re: Security Practices question Barb Dijker (Oct 03)