Path: utzoo!utgpu!attcan!uunet!lll-winken!lll-tis!helios.ee.lbl.gov!pasteur!ames!mailrus!tut.cis.ohio-state.edu!bgsuvax!denbeste From: denbeste@bgsuvax.UUCP (William C. DenBesten) Newsgroups: comp.unix.questions Subject: Re: Workstations: good reasons for owner root access Message-ID: <2757@bgsuvax.UUCP> Date: 15 Aug 88 14:39:41 GMT References: <8338@smoke.ARPA> Organization: Bowling Green State University B.G., Oh. Lines: 32 From article <8338@smoke.ARPA>, by gwyn@smoke.ARPA (Doug Gwyn ): > In article <125@leibniz.UUCP> tpc@leibniz.UUCP (Tom Chmara) writes: >> Are there any cogent arguments for or (gulp) against root access? > > The most serious problem is that, in many networking implementations, > super-user access on one system is tantamount to super-user access on > all machines in the entire (local) network. Networks that have this problem are not properly set up. BGSU's network has 3 computers that are 'trusted hosts' to one another. Other machines are not in the trusted host list. This means that the machine that we allow entire classes (as in 30 students) to have su access to does not compromise the security of the rest of the computers. When you ftp, rlogin, etc from that machine, or any other machine on the network, it requires that you type the root password on the destination machine. > The UNIX "super-user" UID should really be used only by privileged > utilities, not by people. There should be NO NEED, in a properly > configured system, for a person to type "su" in order to perform > system-administrative actions. Yea, right. See my .signature. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- William C. DenBesten | denbeste@bgsu.edu Dept of Computer Science | CSNET denbeste%andy.bgsu.edu@relay.cs.net Bowling Green State University| UUCP ...!cbosgd!osu-cis!bgsuvax!denbeste Bowling Green, OH 43403-0214 | ------------------------------+---------------------------------------------- There is no difference between theory and practice in theory, but there is often a great deal of difference between theory and practice in practice.