Re: [Veritas-bu] SUDO

On Wed, Mar 18, 2009 at 1:36 PM, Reynolds, Susan K. <SReynolds2 AT semprautilities DOT com> wrote:

Does anyone here use SUDO for non-root access to Netbackup; and, if so
can you send a copy of what your SUDOERs file looks like?

Interested in allowing backup admins the ability to do their jobs as
needed while trying to strike a balance with security concerns of UNIX
group.

Our backup admins have full sudo access to the master server (and media servers).

If you have backup/restore capability for the master server, all bets are off yesterday. You have the ability to restore /etc/passwd if you want to.

Trying to protect yourself from a backup admin is a lost cause. Trust your backup admins since they can do more damage than all your normal admins.

The UNIX group's security concern is security theater.

.../Ed

Ed Wilts, RHCE, BCFP, BCSD, SCSP, SCSE
ewilts AT ewilts DOT org

_______________________________________________
Veritas-bu maillist  -  Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu

<Prev in Thread]	Current Thread	[Next in Thread>
[Veritas-bu] xen servers, Kathy Baron Re: [Veritas-bu] xen servers, Jim Horalek Re: [Veritas-bu] xen servers, smpt [Veritas-bu] SUDO, Reynolds, Susan K. Re: [Veritas-bu] SUDO, judy_hinchcliffe Re: [Veritas-bu] SUDO, Peter DrakeUnderkoffler Re: [Veritas-bu] SUDO, Ed Wilts <=

Previous by Date:	Re: [Veritas-bu] SUDO, Peter DrakeUnderkoffler
Next by Date:	Re: [Veritas-bu] What is best approach to share one ACSLS library ?, Bustamante, Luis Eduardo
Previous by Thread:	Re: [Veritas-bu] SUDO, Peter DrakeUnderkoffler
Next by Thread:	[Veritas-bu] Auxilary and Inline Copy ??, Sabar Martin Hasiholan Panggabean
Indexes:	[Date] [Thread] [Top] [All Lists]