Re: [Veritas-bu] SUDO
2009-03-18 15:56:02
On Wed, Mar 18, 2009 at 1:36 PM, Reynolds, Susan K. <SReynolds2 AT semprautilities DOT com> wrote:
Does anyone here use SUDO for non-root access to Netbackup; and, if so
can you send a copy of what your SUDOERs file looks like?
Interested in allowing backup admins the ability to do their jobs as
needed while trying to strike a balance with security concerns of UNIX
group.
Our backup admins have full sudo access to the master server (and media servers).
If you have backup/restore capability for the master server, all bets are off yesterday. You have the ability to restore /etc/passwd if you want to.
Trying to protect yourself from a backup admin is a lost cause. Trust your backup admins since they can do more damage than all your normal admins.
The UNIX group's security concern is security theater.
.../Ed
Ed Wilts, RHCE, BCFP, BCSD, SCSP, SCSE
ewilts AT ewilts DOT org
_______________________________________________
Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
|
|
|