Re: List of "user-level" root commands?

%% Paul Barclay <paul.barclay@xxxxxxxxxxxxxxxxxx> writes:

  pb> I would not restrict usage on any individual system, this will
  pb> just lead to frustration on the developers' part.

Well, this is not actually the conversation I want to have: I'm hoping
someone can provide input on my original question...?

However, FWIW, the decision has not been made and I'm still arguing for
significantly looser restrictions (like sudo shell or something).  But,
if that doesn't fly I'd prefer to have a backup people could live with
rather than having no access at all.  There's no question this will lead
to frustration but avoiding frustration is not necessarily the primary
motivation behind these decisions...

  pb> What are you trying to protect on individual systems?

Well, IS cares whether people screw around with their systems because
they have to support it, and the further away from the "standard
deployment" any given desktop is, the more time it takes to support, and
TIME == $$.  But, I don't think this is that big of a deal and if that
were all we had to worry about this would not be an issue.

No one is trying to protect anything on individual systems.  But, we
have a heavily networked environment with massive uses of NFS: virtually
anything of any importance, from developer workspaces right over to
people's home directories, is accessed through NFS.

Allowing root on desktops gives users with that access almost unlimited
power on NFS filesystems and there's absolutely no way to avoid it
(except not using NFS which is not feasible).  There is also no way to
track who might have performed any malicious action.  This is a real and
serious security consideration.

  pb> Consider a Windows solution instead as they are quite up on
  pb> restricting user activities.

It's funny you should mention this because one of my primary arguments
for root on the desktop is that all our Windows users have Windows
Administrator privileges on their desktop Windows boxes.

However, Administrator privileges on a Windows system give you
_significantly_ less power than root on a UNIX system (of any type), in
an NFS environment especially.  Windows Administrator users can always
only impact their own system.  If there were an equivalent level of
access in UNIX that would be good, but there isn't, so here we are.


Of course, we all know (as do the security folks) that denying root
access to users is futile: since we don't restrict physical access to
our desktops and network ports it would be the work of but a few seconds
for any user who _wanted_ to, to get root on a UNIX box on the network.

However, there's an issue of liability and legal responsibility: if you
can show you used due diligence and made an honest effort to keep
people out, as opposed to handing out the keys to everyone, you're in
much better shape should anything actually happen.


Anyway, all of this is really beside the point: I'm just trying to find
out if anyone's collected any list of "reasonable" root-level commands
that users would legitimately need to run on a day-to-day basis.  Some
obvious ones I can think of are mount and umount, for example.  Also
probably lsmod, insmod, rmmod (for our development).  I think rpm would
be very important.  Some command to allow people to manage their X setup
(screen resolution, etc.)  Etc.

-- 
-------------------------------------------------------------------------------
 Paul D. Smith <psmith@xxxxxxxxxxxxxxxxxx>   HASMAT--HA Software Mthds & Tools
 "Please remain calm...I may be mad, but I am a professional." --Mad Scientist
-------------------------------------------------------------------------------
   These are my opinions---Nortel Networks takes no responsibility for them.
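
The two options weighed in the message above, written as a sudoers fragment. This is an added example and not part of the original post; the group name `desktopdev`, the alias names and the binary paths are assumptions.

```sudoers
# Added example (not from the original message). Edit with visudo.
# Assumptions: developers are in the Unix group "desktopdev"; binary paths
# are the usual Red Hat locations and should be checked with "which".

# Send sudo records for this group to syslog, so each privileged command is
# attributed to the invoking user rather than to an anonymous root login.
Defaults:%desktopdev  syslog=authpriv

# Option 1, the looser policy ("sudo shell"): full root via sudo.
# Only the start of the shell is logged, not what is typed inside it.
# %desktopdev  ALL = (root) ALL

# Option 2, the fallback: only the commands named in the message.
Cmnd_Alias DEV_MOUNT   = /bin/mount, /bin/umount
Cmnd_Alias DEV_MODULES = /sbin/lsmod, /sbin/insmod, /sbin/rmmod
Cmnd_Alias DEV_PKG     = /bin/rpm

%desktopdev  ALL = (root) DEV_MOUNT, DEV_MODULES, DEV_PKG
```

With Option 2 every invocation is logged with the user's name and full command line, which addresses the tracking concern, but `rpm`, `insmod` and `mount` can each bring new code onto the machine as root, so the list is an audit trail rather than a containment boundary. Forwarding the `authpriv` facility to a central log host keeps that record out of reach of the desktop's own root account.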

