Re: Limiting admin privileges

To: Robert Kerr <kerrr@et.byu.edu>
Cc: Debian List <debian-user@lists.debian.org>
Subject: Re: Limiting admin privileges
From: "Sean 'Shaleh' Perry" <shalehperry@attbi.com>
Date: Thu, 13 Dec 2001 08:15:08 -0800 (PST)
Message-id: <[🔎] XFMail.20011213081508.shalehperry@attbi.com>
In-reply-to: <[🔎] Pine.HPX.4.33.0112130902250.29166-100000@prague.et.byu.edu>

On 13-Dec-2001 Robert Kerr wrote:
> Hi all,
> My group is looking into providing Linux workstations to the engineers,
> but we're worried about future problems regarding admin privileges.  We
> would like to give our engineers root on their boxes so they can set them
> up and provide patches and such.  But, su-ing to root will also allow them
> to access any other users' files (since we have an automount NFS daemon
> which will mount the other users' home directories when accessed).  What
> kind of utilities are available that would allow the users admin-type
> privileges, but disallow their munging others' files?
> 

Some problems are best solved with social and not engineering solutions.  If
your employees are really futzing with other people's work they shuold know
that such behaviour is frowned on and can lead to dismissal.

That said, nfs can be configured to not accept the local root as the server
root.  You could also limit their root access to the program 'sudo' which
offers a rich set of abilities.

Reply to:

References:
- Limiting admin privileges
  - From: Robert Kerr <kerrr@et.byu.edu>

Prev by Date: Re:[2] Advice on upgrading Potato to Sid
Next by Date: Re:Limiting admin privileges
Previous by thread: Limiting admin privileges
Next by thread: Re: Limiting admin privileges
Index(es):
- Date
- Thread