user with root priviledge
Keven Ring
keven at mitre.org
Mon Apr 19 14:39:28 UTC 2004
>Let me pose a situation where having multiple root-capable accounts makes
>sense, and let me ask: What's the best way to acomplish this?
>
>We have several Linux workstations and laptops. Each user can have root
>on his own machine, but we don't want a user to have root on any other
>machine. We have a department administrator who needs root on all
>machines, but he doens't want to have to remember individual root
>passwords on all the machines.
>
>Our Windows solution is to create two administrator-capable accounts. How
>can we best do the same with Linux machines?
>
>
>
First off, just because something can be done in Windows does not mean
that it is a good idea, especially when it comes to security.... :)
Second, as others have pointed out, sudo is a great alternative.
Third, too many "system administrators" [read: ROOT USERS] are likely to
cause more headaches than it is worth.
More information about the fedora-list
mailing list