[52471] in North American Network Operators' Group
Re: Security Practices question
daemon@ATHENA.MIT.EDU (Jason Slagle)
Wed Oct 2 21:29:34 2002
Date: Wed, 2 Oct 2002 21:28:53 -0400 (EDT)
From: Jason Slagle <raistlin@tacorp.net>
To: just me <matt@snark.net>
Cc: Scott Francis <darkuncle@darkuncle.net>,
"Greg A. Woods" <woods@weird.com>, <nanog@merit.edu>
In-Reply-To: <Pine.GSO.4.33L0.0210021745300.23094-100000@pants.snark.net>
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 2 Oct 2002, just me wrote:
> In an environment where every sysadmin is interchangeable, and any one
> of them can be woken up at 3am to fix the random problem of the day,
> you tell me how to manage 'sudoers' on 4000 machines.
>
> In a situation where the team needs root; all per-admin UID 0
> accounts add is accountability and personalized shells/environments.
>
> Sorry to ruffle your dogma.
Have I missed something here?
It seems to me having multiple UID 0s would do no good.
Can't a UID 0 user change the password of any other user?
Wouldn't a malicious UID 0 user just change the regular root password?
How does this add any additional layer of accountability? A UID 0 user
can erase the logfiles, unless they are immutable and you are in secure
mode.
Jason
--
Jason Slagle - CCNP - CCDP
/"\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
\ / ASCII Ribbon Campaign .
X - NO HTML/RTF in e-mail .
/ \ - NO Word docs in e-mail .
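As an added illustration of the point Jason raises (this is example code written for this page, not something posted in the NANOG thread), the script below audits a passwd file for accounts that share UID 0 and shows why several login names on one UID buy little accountability: the kernel tracks only the numeric UID, and when ps(1), ls(1) or anything else maps UID 0 back to a name through getpwuid(3), glibc's files backend returns the first matching /etc/passwd line, normally "root", whichever admin actually did the work. The passwd content is constructed for the example; the function names are the author's own.

```python
"""Audit a passwd file for accounts that share UID 0.

Example code added for this page, not from the NANOG thread.  It parses
passwd(5) lines, lists every account with UID 0, and mimics the
first-match lookup glibc's files backend uses for getpwuid(3) to show that
actions by any of the UID 0 accounts are reported under one name.
"""
from collections import defaultdict

# Constructed sample /etc/passwd for the example (not from any real host).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
matt:x:0:0:Matt (admin):/home/matt:/bin/bash
jason:x:0:0:Jason (admin):/home/jason:/bin/zsh
scott:x:1001:1001:Scott:/home/scott:/bin/bash
"""


def parse_passwd(text):
    """Return (name, uid, gid, gecos, home, shell) tuples in file order."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        name, _pw, uid, gid, gecos, home, shell = fields
        entries.append((name, int(uid), int(gid), gecos, home, shell))
    return entries


def accounts_by_uid(entries):
    """Map each numeric UID to the login names that carry it, in file order."""
    by_uid = defaultdict(list)
    for name, uid, *_rest in entries:
        by_uid[uid].append(name)
    return by_uid


def uid0_accounts(text):
    """Login names of every account with UID 0, in file order."""
    return accounts_by_uid(parse_passwd(text)).get(0, [])


def shared_uids(text):
    """UIDs held by more than one account: the audit finding to report."""
    return {uid: names
            for uid, names in accounts_by_uid(parse_passwd(text)).items()
            if len(names) > 1}


def resolve_uid(text, uid):
    """Mimic getpwuid(3) with glibc's files backend: first matching line wins.

    This is the lookup ps(1), ls -l and similar tools use to turn the UID
    the kernel reports back into a name, so a process or file created by
    'matt' or 'jason' above shows up as owned by 'root'.
    """
    for name, entry_uid, *_rest in parse_passwd(text):
        if entry_uid == uid:
            return name
    return None


if __name__ == "__main__":
    print("UID 0 accounts:", uid0_accounts(SAMPLE_PASSWD))
    print("shared UIDs:", shared_uids(SAMPLE_PASSWD))
    print("kernel UID 0 displays as:", resolve_uid(SAMPLE_PASSWD, 0))
```

Run against a real host with `parse_passwd(open("/etc/passwd").read())`; any entry in `shared_uids` besides the expected single `root` line is worth a ticket, since the extra UID 0 accounts are exactly the ones this thread argues about. Login records in wtmp do keep the typed login name, so `last` still distinguishes the admins; everything keyed on the numeric UID does not.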