Christian Folini said... > On Thu, 1 Dec 2005 09:24:28 -0600 Dave Sherohman wrote: > > sudo is great for tracking who does what as root and for preventing > > yourself from accidentally doing something with greater powers than > > intended, but it can very easily be counterproductive if your intent > > is to increase resistance to unauthorized access. > > The sudo/wheel approach is also a handy one when you want to update > the root password regularly, but you do not want to tell it to > everyone. Say you work in an heterogenous enterprise
I hope you meant heterogeneous! Though it would be true to say that many sys admins are heterogenous. It's usually safer to say 'diverse' to avoid this one ;-) Handy tip, though. > with lots of > admins having their unix workstation. They need root permissions on > their desktop machine, but you do not want to distribute the root > password (lacking the encrypted channel to reach everyone for example). > > Then you can add them to the wheel group and give them a root > shell that way. Meanwhile you can update the root password > without any problem. -- Best, Marc -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
