nanog mailing list archives
Re: Security Practices question
From: Scott Francis <darkuncle () darkuncle net>
Date: Wed, 2 Oct 2002 11:46:53 -0700
On Wed, Oct 02, 2002 at 11:34:38AM -0700, darkuncle () darkuncle net said: [snip]
This is a really /really/ REALLY bad idea. I had nightmare issues dealing with a network formerly run by a 'sysadmin' who thought every user that might need to do something as root should have a uidzero account.That's not the issue, however. The assumption is that you have several people who really are fully qualified admins on the system in question, who really do need full privileged access. The choice John describes is between giving these trusted sysadmins the password for "root", or giving them (and them alone) a UID 0 account as he describes (except that one would of course use shadow passwords etc.)Wrong. The choice is between having a single password for the user with id 0, and having multiple passwords for that same account. This is an abysmally bad idea, and shame on anybody encouraging it. See
(mail client sent message while I was editing it; full reply on its way.) -- -= Scott Francis || darkuncle (at) darkuncle (dot) net =- GPG key CB33CCA7 has been revoked; I am now 5537F527 illum oportet crescere me autem minui
Attachment:
_bin
Description:
Current thread:
- Re: Security Practices question Scott Francis (Oct 02)
- Re: Security Practices question Scott Francis (Oct 02)
- <Possible follow-ups>
- Re: Security Practices question Scott Francis (Oct 02)
- Message not available
- Re: Security Practices question Scott Francis (Oct 02)
- Message not available
- Re: Security Practices question Scott Francis (Oct 02)
- Re: Security Practices question just me (Oct 02)
- Re: Security Practices question E.B. Dreger (Oct 02)
- Re: Security Practices question Michael Lamoureux (Oct 02)
- Re: Security Practices question just me (Oct 03)
- Message not available
- Re: Security Practices question Barb Dijker (Oct 03)
- Message not available
- Re: Security Practices question Jason Slagle (Oct 02)
- Re: Security Practices question Joel Baker (Oct 02)