Also in the desktop Enterprise the systems admin needs to be very intrusive. To do things like create default interfaces, and make users adhere to company policy;
How about super users with different rights and authorities? Why not split the concentration of power? On 02/11/05, Leonardo Lopes Pereira <[EMAIL PROTECTED]> wrote: > After a quick discuss with marco_g on IRC, i started to thing about Why we > need a sysadmin. And I realize that only small options on the system need the > admin interference. I saw that many people here are very fanatic about > security, but what about a system with a admin that put backdoors on programs? > > So, if we will design a system where people can fell secure, we need to > create a system where the admin has less power as possible. > > In my opinion, the admin is a user that will be able ONLY to configure some > parts of the system that cannot be configured by a user. All other things > that the admin needs to do, like run a server, will be done by a common user > with no more power than other users. > > To install programs we can create a mechanism that every user can install > programs that will be avaliable to every users. but all programs would be > signed on their origin, and if the user trust on that origin, this program > will be able to work perfectly, if the user doesn't trust on the origin of > the program it will be alerted about that and will choose how this program > will run. With no access to FS, with a read-only access to FS or if the user > will start to trust on that origin. > > I know that this is only one case of many thing that a sysadmin does, but > this was what wake up this discuss in my mind, so, if you have more things > that you beleave that only sysadmin can does, we can start to discuss, thanks. > > ps.: I do not want to start a monster thread, But I beleave if you want a > system almost from scratch, we need to discuss every point of it. > > -- > leonardolopespereira at gmail.com > > GNU Privacy Guard (GPG) > ID da chave: 83E8AFBF | servidor: keys.indymedia.org > gpg --keyserver keys.indymedia.org --recv-keys 83E8AFBF > > > _______________________________________________ > L4-hurd mailing list > L4-hurd@gnu.org > http://lists.gnu.org/mailman/listinfo/l4-hurd > > > > _______________________________________________ L4-hurd mailing list L4-hurd@gnu.org http://lists.gnu.org/mailman/listinfo/l4-hurd
