[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#484841: staff group root equivalence

On Mon, 02 Mar 2009, Manoj Srivastava wrote:
> This way, each research group had special privileges to their
> machines, but not any others, and the IT folks still had control.
> 
> Similar things were done at some of the larger companies I worked
> for; so there is a use case. (And I think UNIX machines back in the
> 80's and early 90's came set up that way by default; I know Ultrix
> and OSF/1 did).

It seems to me that most of these cases would be dealt with using sudo
now, as it would enable you to restrict the users to having root
access on a specific machine, since being in staff means being able to
trivially get root on that machine at any time. [And sudo at least has
methods of controling and/or accounting the access.]
 

Don Armstrong

-- 
"You have many years to live--do things you will be proud to remember
when you are old."
 -- Shinka proverb. (John Brunner _Stand On Zanzibar_ p413)

http://www.donarmstrong.com              http://rzlab.ucr.edu
Reply to: