Re: shared root account
On Fri, Jul 06, 2001 at 12:15:43PM +0300, Juha Jäykkä wrote:
Make multiple root-accounts. We for example have normal users
accounts and 3-5 root-accounts depending on machine. Just give
UID/GID to new user.
> I have a bit of a situation: I have a handful of linux machines
> (almost all with different distributions and kernels and software -
> one hell to keep secure) and all the machines have different roots.
> These guys want to keep their root passwords (or at least the root
> privileges) so they can update their X/KDE/whatever when/if they feel
> like it but on the other hand, they would like to see someone (me)
> keep their machines secure - something they themselves do not have
> time (we all know keeping up security is a fulltime job). Obviously to
> install patches etc I, also, need root privileges.
> This poses a problem if I am not to remember all those different
> root passwords and without making all the passwords the same! How can
> that _safely_ be accomplished? There are versions of su, sudo etc) that
> do not ask passwords, there are suid binaries but which is _THE_ way
> of accomplishing this? Presently there are only shared root passwords
> between the server admins but now we are trying to get the workstation
> security boosted up as well - being behind one firewall does not seem
> to be enough in an environment where a whole class B network is behind
> that one fw...
>
> --
> -----------------------------------------------
> | Juha Jäykkä, juolja@utu.fi |
> | home: http://www.utu.fi/~juolja/ |
> -----------------------------------------------
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
--
ytti
Reply to: