[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Root Access



2009/6/15 Robert L Cochran <cochranb speakeasy net>:
> The "locked box" approach is probably not used in very large enterprises. At
> least not where I work (> 100,000 employees, > 98,000 Tier 3 workstations.)

I think there is a difference between administering a large number of
Workstations (as in a computer used at the desk by one or two
induviduals) and administering a large number of Servers simply
because tighter controls are placed on the latter. I know of a few
large places where sudo is king and the root passwords to the servers
are randomised and kept in a safe (even if it's an electronic safe!).

At a former employer, users had sudo rights on their own workstation
to do pretty much anything (and similar PolicyKit and ConsoleHelper
configs) but were never told their own root password.

-- 
Sam


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]