Re: Single-use root account?
On Fri, 2003-11-07 at 07:55, J. Bruce Fields wrote:
> On Fri, Nov 07, 2003 at 02:58:48AM -0600, Alex Malinovich wrote:
> > I've decided that it's about time I look for a solution to a problem
> > that's been bugging me. On certain occasions, I find it necessary to
> > have one of my roommates do something to the network at home when I'm
> > not there. As such, they generally will need root access to do it. While
> > I certainly trust them, I'm very security conscious and wouldn't feel
> > comfortable giving them my root password.
>
> Why not? They already have physical access to the machine, what more
> would you give up to them by telling them the root password? For a home
> computer, I don't see much reason not to just stick the root password on
> a post-it note on the monitor.... You already trust anyone that's in a
> position to see it.
And if a not-so-trustworthy "friend" or acquaintance wanders by,
he can destroy you.
The all-privilege sudo is the best idea, since the actions are
audited.
--
-----------------------------------------------------------------
Ron Johnson, Jr. ron.l.johnson@cox.net
Jefferson, LA USA
Thanks to the good people in Microsoft, a great deal of the data
that flows is dependent on one company. That is not a healthy
ecosystem. The issue is that creativity gets filtered through the
business plan of one company.
Mitchell Baker, "Chief Lizard Wrangler" at Mozilla
Reply to: