[52469] in North American Network Operators' Group
Re: Security Practices question
daemon@ATHENA.MIT.EDU (just me)
Wed Oct 2 20:50:09 2002
Date: Wed, 2 Oct 2002 17:48:16 -0700 (PDT)
From: just me <matt@snark.net>
To: Scott Francis <darkuncle@darkuncle.net>
Cc: "Greg A. Woods" <woods@weird.com>, <nanog@merit.edu>
In-Reply-To: <20021002202615.GE49310@darkuncle.net>
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 2 Oct 2002, Scott Francis wrote:
Can you back up that statement in /any/ way? What exactly are your reasons
why sudo is a worse solution (or even a bad idea)?
In an environment where every sysadmin is interchangable, and any one
of them can be woken up at 3am to fix the random problem of the day,
you tell me how to manage 'sudoers' on 4000 machines.
In an situation where the team needs root; all per-admin UID 0
accounts add is accountability and personalized shells/environments.
Sorry to ruffle your dogma.
--mghali@snark.net------------------------------------------<darwin><
Flowers on the razor wire/I know you're here/We are few/And far
between/I was thinking about her skin/Love is a many splintered
thing/Don't be afraid now/Just walk on in. #include <disclaim.h>
