Newsgroups: comp.admin.policy
Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!wuarchive!uunet!bellcore!iscp.Bellcore.COM!jona
From: jona@iscp.Bellcore.COM (Jon Alperin)
Subject: Re: Policies concerning root privs
Message-ID: <1991Jun5.212125.5391@bellcore.bellcore.com>
Sender: usenet@bellcore.bellcore.com (Poster of News)
Reply-To: jona@iscp.Bellcore.COM (Jon Alperin)
Organization: Bell Communications Research (Bellcore)
References: <JGARB.91Jun4002317@csd4330a.erim.org> <8560@jhunix.HCF.JHU.EDU>
Date: Wed, 5 Jun 91 21:21:25 GMT

You don't say wether these are user workstations, or multi user servers you are supporting. In our environment, we set up one password for our system administrators, and create special root privledge logins for those users with a demonstrated need for root access. We then inform these people that the machines will not receive "normal" support. If they kill the OS, all we will do is re-load it from our "golden" copy. they need to back up their own systems.

This has seemed to discourage all but the most needy from requesting root access.
-- 
Jon Alperin
Bell Communications Research

---> Internet: jona@iscp.bellcore.com
---> Voicenet: (908) 699-8674
---> UUNET: uunet!bcr!jona

* All opinions and stupid questions are my own *
