Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!ncar!ico!vail!rcd From: rcd@ico.ISC.COM (Dick Dunn) Newsgroups: comp.unix.wizards Subject: Re: Multiple Root ID's considered evil? Summary: Keep It Simple (since trust is essential anyway) Message-ID: <16134@vail.ICO.ISC.COM> Date: 26 Sep 89 07:16:00 GMT References: <4157@buengc.BU.EDU> <1723@convex.UUCP> <114@tons61.UUCP> Distribution: usa Organization: Interactive Systems Corp, Boulder, CO Lines: 33 In article <114@tons61.UUCP>, harrys@tons61.UUCP (Harry Skelton) writes: > We have a problem of multible logins as root (actually su's since our login > program prohibits direct root access) and I was thinking of adding something > like the "session" program to the shell and have it save the session to > the console hardcopy printer - regarless!... Be careful with approaches like this! All too often, when you need to su, it's because something has gotten thoroughly hosed up. You have at least one machine I/O-wedged, or CPU-wedged (or both, if it's one of *those* days); you can't tell what's causing the problem, it gets worse by the minute; you've GOT to get a few commands through to avoid bringing every- thing to its knees. In cases like this, you DON'T want a lot of baggage hanging off everything you do as root. You want to depend on the fact that if only simple things are working, you can do simple things and get out of the mess. If you have to piece a system back together, you don't want some magic which has to work before you can do it. In short, you don't need stuff going on behind your back... >...I don't think the user will be > able to get rid of the hard copy without notice, change tty's in midwork, > nor get by the idea that a deamon opens a file for audit then unlink()'s... [various additional precautionary games] If you've got this sort of problem with people who have a root password, I don't think you can solve it by administrative procedures. If you need this much distrust of people with root, your organization is broken. That is, you've got people problems. In a UNIX environment with hostile users, you don't give the hostile users a root password, period. -- +---------+ Dick Dunn rcd@ico.isc.com ico!rcd (303)449-2870 | In this | 4th annual MadHatterDay [10/6/89]: | style | A Kinder, Gentler Fool's Day |__10/6___|