[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: shared root account

On Fri, Jul 06, 2001 at 10:24:28PM -0500, Nathan E Norman wrote:
> Depends on how you use it.
> At my last job, we used sudo for two reasons:
> 1) I didn't have to inform all the admins whenever the root password
> changed.

which is bogus since changing the root password means changing each
and every user's passwd who is listed in /etc/sudoers.  

> 2) techs had a script which ran as root under sudo for creating user
> accounts, etc.  The script was written in perl ... I'm sure there was
> something wrong with it but it worked well for us and kept techs in
> the box where they did the least damage.

well thats different, if you write a well audited and secure script
for adding users then those allowed to run that won't necessarily be
root, still trusted to be sure, but not root.  

Ethan Benson

Attachment: pgpsWfijXpB7U.pgp
Description: PGP signature

Reply to: