[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [RFC] disabled root account / distinct group for users with administrative privileges

On Wed, Oct 20, 2010 at 12:28:49PM +0100, Simon McVittie wrote:
> Quoting from base-passwd again:
[...]
> ... so in practice, staff is root-equivalent, but in principle it's not meant
> to be. (Yay.)

Right, which was why I also chose to use it for "staff" who I
trusted with root access, but wanted logging in with their own user
IDs and making most changes through sudo (so that there's an audit
trail in case they accidentally break something I later have to
fix).
-- 
{ IRL(Jeremy_Stanley); WWW(http://fungi.yuggoth.org/); PGP(43495829);
WHOIS(STANL3-ARIN); SMTP(fungi@yuggoth.org); FINGER(fungi@yuggoth.org);
MUD(kinrui@katarsis.mudpy.org:6669); IRC(fungi@irc.yuggoth.org#ccl);
ICQ(114362511); YAHOO(crawlingchaoslabs); AIM(dreadazathoth); }
Reply to: