Re: Sys Admins Wanted

apwilson@nospam.socs.uts.EDU.AU
Wed, 4 May 1994 17:03:14 +1000 (EST)

There's a good chance Colin Panisset once wrote:
>
> Once upon a time, Peter Meric was heard to say:
>
> }
> } On Wed, 4 May 1994, Christopher Fraser wrote:
> }
> } > I don't think there is any loss of security by having all the sysadmins
> } > knowing the root password.
> }
> } I do, and I think I can get many to support me in my beliefs.
> }
>
> [snip]
>
> This isn't a system that you're going to be doing assignments on. You're not
> going to be keeping files of earth-shattering importance on this machine.
>
> Lighten up. This is a learning experience. Let all the admins have the
> root password. (sheesh!)
>
> -- Colin.
>

I agree with Colin, ftoomsh is going to be used for a learning experience.
If we start to get worried about what sys admins are going to be doing and
logging every command then I think the learning experience will be lessened.

Peter's concern was that since C2 has been installed, anyone with root's
passwd can see all the users passwds unencrypted, and if users were to use
the same passwd on the other SoCS machines as they do on Ftoomsh then any
sys admin could find out other users passwds for the SoCS machines.

Just tell users to select a different passwd to the one they have on the
other SoCS machines. If they do not do this it is their fault.

The matter of trust steps in here and I think we could trust sys admins not
to go looking for other users passwds.

Jimmy and Sbg, what do you think since the decision will most likely be left
to you guys in the end?

Andrew.