Since we're starting afresh with these new servers, I'd like to get an idea what people think about 'sudo' settings and why they think what they think.
Clearly admins should be able to become any other user. There are a number of ways of allowing this: 1) Each admin knows the root password. To become someone else, he must 'su', enter that password each time, and then 'su <user>'. 2) Each admin has 'sudo' permissions for all users. He needs to enter his own password on his first 'sudo' invocation of a session. 3) Each admin has 'sudo' permissions for all users. He doesn't need to enter any password to 'sudo' to anyone. These are moving from 1 to 3 in the direction of decreasing security (because fewer authentication interactions take place) and of increasing inconvenience. On the other hand, one might make an argument that security decreases with excessive requirements for entering a password, since that creates more eavesdropping opportunities. So, what do y'all think? Which of these options is appropriate for our system configuration policy going forward? We've been using 3 on fyodor, and at the moment seem to have defaulted to 2 on the new servers. _______________________________________________ HCoop-SysAdmin mailing list [email protected] http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
