On 3/30/06, Ioan Nemes <[EMAIL PROTECTED]> wrote: > > Certainly, but it really depends on how security-aware those sysadmins > are. > > Here, a security team is necessary to lay the LART upon the heads of > those > > ubiquitous non-IT engineers who have been given sysadmin powers and > who > > haven't a clue about security. It means when I discover a gaping > hole in > > someone's project I don't have to waste my time wielding the LART. > > > Greg > > Oh yeah! And when did you discovered the last security hole in a > vendor's > application, say Oracle? Would you really blame the sysadmin? Did you > advised > the corporate management to through out a SAP/PeopleSoft application > because > you can see hole in their application(s)? > > Or you talking here about perimeter security, like opening a port on > one the firewalls?
Huh? I'm not talking about any of the above and I'm not really talking talking about official sysadmins, either. I'm talking about security-ignorant non-computer engineers that have root and no one's going to take root away from them. No need to reply to me, I read the list. Greg