ACL

[hike]

There are other ways of doing this than what has been discribed.

Have you not heard of a "secure network".

I know; I work at such a place.

Even on the "secure network", the sysadmins have tremendous access
privileges.

And they can make more privileges for themselves if needed or wanted.


Your response to my comment appears to be theoretical and doesn't fly in the
real world that I inhabit.


If you look at the recommendations for setting up a "business"secure Oracle
Financials environment (devlopment, disaster recovery, production) you will
gain insights about practical security.


Even in a "secure network", respect is paramount.  Respect and trust are two
of the essentials in creating a "secure" anything.

If you distrust your people, either quit (the preferred option) or fire your
people.
If you don't respect your people, you have bigger problems than simple
"security".



On Mon, Jul 28, 2008 at 11:19 AM, Laszlo BERES <beres.laszlo at sys-admin.hu>wrote:

> hike wrote:
>
>  It is unethical for sysadmins to access this data without a specific
>> reason
>> and approval.
>> If you cannot trust your sysadmins to act in an ethical fashion, YOU have
>> screwed up big-time.
>>
>> YOU hire trustworthy people.
>> YOU train trustworthy people.
>>
>
> Well, you're right, but imagine a world, where your sysadmins _cannot_
> access the data for legal or national security or other reasons. There's no
> place for trustworthiness or 'I swear I won't touch anything', you _have_ to
> restrict the access rights.
>
> --
> Laszlo BERES     RHCE, RHCX
> senior IT engineer, trainer
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>