(Domain-like setup)

Kyle Waters unum at unum5.org
Mon Apr 6 10:28:20 MDT 2009


Stuart Jansen wrote:
>
> That's the point. It doubles the number of accounts an attacker has to
> compromise. It also creates an audit trail so you know which co-worker
> needs to be "educated" after taking down a productions system. All
> without making the system noticeably harder to manage.
>
>
>   

Having multiple admins on the same system(and using ldap).  I've become 
a big fan of using the Ubuntu method(no root passwod set everyone up in 
the sudoers file).  I'm aware of one big problem with this(lets say the 
ldap server crashes).  Are there others.  I've been trying to push for 
more sudoers usage here, but am wondering what draw backs others have 
found. 

Kyle

ps I also recommend looking into pam_access



More information about the PLUG mailing list