Martin, Jason H wrote:
Do not grant the usual carte blanche root access (nor sudo
shell/edit access), and keep the root password for the
critical build/install servers in the control of a 3rd party
group without admin access. Probably requires other
procedures and planning to work right...
The 3rd party group would then have root and be able to make the
offending changes.
One solution I have seen mentioned is a two-part password, each part
held by a different person.
Tim
--
Tim Holliefield
System Administrator
Information Technology
UMUC-Europe
+49(0)6221-378281
_______________________________________________
Help-cfengine mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/help-cfengine
