On Sunday, Nov 17, 2002, at 17:25 America/New_York, Heather Madrone wrote:
> It seems silly to have one account for me as a human being and another for me as God.

Worst advice ever. See also:
# rm -rf / mydirectory
(Note space)
This is a Windows thought. And even in Windows you should have an Admin account that no one touches and the account you work with. Use:
runas
often in Windows.
> Aside from enterprise-critical database operations, most installations didn't care. If their disks crashed, they could hire a bank of secretaries to type their data back in.

Yeah if they remembered what they lost.
This sort of sentiment is fine for a small office LAN full of folks not doing anything particularly important. This sort of administrative policy will simply fail when you get into either extremely important data or large numbers of users and certainly both.

> I can't imagine many Mac installations that justify the sorts of protections you're suggesting. Protect the servers, sure, but don't wall the users off from their own systems so they have to call ops in every time they insert a CD.

Think banking.
Think money.
If you're working for a bagel store and keeping inventory on a few networked PCs, your plan may hold water but even then someday you'll wish you had asserted a more rigorous AP.
I understand your issue with users from several perspectives.
1 -- Marketing really wants to have a 4GB mail file per person -- you just have to say no.
2 -- The Operations manager wants access to HR files -- you should probably check with HR.
3 -- Your "Power User" wants access to the print spool -- you find out later they stopped a proposal print job to impress the receptionist so she could print color invitations to her kids recital
4 -- Your PHB wants to have all emails routed through him so he can read them. It's a 5 key stroke job, you could do it easily... when he's swamped with mail who do you think will be blamed?
A sys admin shouldn't be liked, a sys admin shouldn't even be noticed. People should see the sys admin in the hall and say "Who is that devilishly good looking fellow?" (or whatever.) In any event your users are the ones who cause all the problems and give you a job. Don't make them waste their time trying to circumvent your neato policy forbidding desktop background changes but keep them from deleting their own mail file because given the chance they will. Trust me.
--
Lou Moran
[EMAIL PROTECTED]
http://ellem.dyn.dhs.org:5281/resume/