
Re: multiple root passwords...

Michael K. Johnson writes:

>Not always precisely.  Sometimes it is a management issue.  For example,
>all root accounts might be valid on machine X, only a few on machine Y,
>and none on machine Z.  If you trust your users not to try to sniff for
>passwords and want to have each person only have to remember a single
>root password for all machines (so that they are less likely to write
>it down somewhere) multiple roots can be useful.

well, that's a good example. however, i could still achieve the same mgt
convenience by restricting the members of the wheel group on machines X and Y
--- this does not allow the uid=0 passwords to be different for different users
though. bottom line: i do not see much point in multiple uid=0 accounts given
pam_wheel (unless you do not use pam).

>Clearly, multiple root accounts/passwords aren't any sort of panacea,
>but there are environments (my example was only an example, not the
>only reason you might want them) where they are appropriate.

now, SCO unix provides privileged accounts or root accounts that could be
conferred with capabilities that ordinary user accounts cannot have. could this
idea be imported to the pam world?  instead of the one pam_wheel module that
gives either full or no uid=0 access, how about a pam_confer module that
confers capabilities listed in a config file when a user invokes it like su?
the access control part of this capability model could be implemented using
multiple unix groups. (remember that linux restricts the number of supplemental
groups per user to NGROUPS_MAX (=32) defined in /usr/include/linux/limits.h).
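
An added example, not part of the original message: a small audit that contrasts the two approaches compared in this thread on one machine, listing extra uid=0 accounts in a passwd file and reporting who pam_wheel would let through su. The account names and the passwd, group and PAM file contents are constructed samples.

```python
# Constructed sample files for one machine (not from the original post).
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
root_alice:x:0:0:second uid=0 account:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
bob:x:1001:1001::/home/bob:/bin/bash
"""
GROUP = """\
root:x:0:
wheel:x:10:alice
users:x:100:alice,bob
"""
PAM_SU = """\
auth  sufficient  pam_rootok.so
# auth  required  pam_wheel.so use_uid group=admins
auth  required    pam_wheel.so use_uid
auth  include     system-auth
"""

def uid0_accounts(passwd_text):
    """Login names whose UID field (third) is 0."""
    rows = (line.split(":") for line in passwd_text.splitlines())
    return [f[0] for f in rows if len(f) >= 7 and f[2] == "0"]

def group_members(group_text, group):
    """Supplementary members of a group (primary-GID members are not listed here)."""
    for line in group_text.splitlines():
        f = line.split(":")
        if len(f) >= 4 and f[0] == group:
            return [m for m in f[3].split(",") if m]
    return []

def pam_wheel_group(pam_text):
    """Group an active 'auth required|requisite pam_wheel.so' line enforces, else None."""
    for line in pam_text.splitlines():
        t = line.split()
        if len(t) < 3 or t[0] != "auth" or t[1] not in ("required", "requisite"):
            continue  # skips comments, other module types and non-mandatory lines
        if t[2] == "pam_wheel.so":
            named = [a[6:] for a in t[3:] if a.startswith("group=")]
            return named[0] if named else "wheel"  # "wheel" is the module's default group
    return None

def audit(passwd_text, group_text, pam_text):
    group = pam_wheel_group(pam_text)
    return {"extra_uid0": [n for n in uid0_accounts(passwd_text) if n != "root"],
            "enforced_group": group,
            "may_su": group_members(group_text, group) if group else None}

print(audit(PASSWD, GROUP, PAM_SU))
```

Run against the real /etc/passwd, /etc/group and /etc/pam.d/su of each machine, a non-empty `extra_uid0` or an `enforced_group` of `None` marks the hosts that need a closer look.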

