shared root account
I have a bit of a situation: I have a handful of linux machines
(almost all with different distributions and kernels and software -
one hell to keep secure) and all the machines have different roots.
These guys want to keep their root passwords (or at least the root
privileges) so they can update their X/KDE/whatever when/if they feel
like it but on the other hand, they would like to see someone (me)
keep their machines secure - something they themselves do not have
time (we all know keeping up security is a fulltime job). Obviously to
install patches etc I, also, need root privileges.
This poses a problem if I am not to remember all those different
root passwords and without making all the passwords the same! How can
that _safely_ be accomplished? There are versions of su, sudo etc) that
do not ask passwords, there are suid binaries but which is _THE_ way
of accomplishing this? Presently there are only shared root passwords
between the server admins but now we are trying to get the workstation
security boosted up as well - being behind one firewall does not seem
to be enough in an environment where a whole class B network is behind
that one fw...
--
-----------------------------------------------
| Juha Jäykkä, juolja@utu.fi |
| home: http://www.utu.fi/~juolja/ |
-----------------------------------------------
Reply to: