On 1/20/2011 10:11 AM, Rudi Ahlers wrote: > > Benjamin, I'm sorry to say this, but you're wrong! > > Now, since we're doing the name-calling thing, let's get that out of the way. > > Sometimes you need to access a PC of a staff member who is busy with > something right now. And I'm not talking about administrative access. > Sure, I can access any PC via root login, and frankly for that matter > I can also reset any user's password via root login. > > The message I'm trying to bring across is that users in the company > shouldn't have passwords which admin doesn't know, or can't access. > The PC's and data, well at least in our company, is the property of > the company. Making it more difficult for an engineer to gain access > to a user's PC automatically arises suspicion That actually sounds very strange. Are there any published references for the concept that individual passwords should be shared instead of an administrator using his own granted privileges when accessing data owned by someone else? And if group access is commonly needed, shouldn't the data be group-accessible, both in protection and location? Are you working around some software constraint here? I can understand both sharing of physical workstations (with different logins) and sharing common data, but don't see why you'd ever want one person to pretend to be someone else by sharing a login. -- Les Mikesell lesmikesell@xxxxxxxxx _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos