Root Access
Sharpe, Sam J
sam.sharpe+lists.redhat at gmail.com
Mon Jun 15 21:47:39 UTC 2009
2009/6/15 Robert L Cochran <cochranb at speakeasy.net>:
> The "locked box" approach is probably not used in very large enterprises. At
> least not where I work (> 100,000 employees, > 98,000 Tier 3 workstations.)
I think there is a difference between administering a large number of
Workstations (as in a computer used at the desk by one or two
induviduals) and administering a large number of Servers simply
because tighter controls are placed on the latter. I know of a few
large places where sudo is king and the root passwords to the servers
are randomised and kept in a safe (even if it's an electronic safe!).
At a former employer, users had sudo rights on their own workstation
to do pretty much anything (and similar PolicyKit and ConsoleHelper
configs) but were never told their own root password.
--
Sam
More information about the fedora-list
mailing list