root access
Ubiquitous Geebles
ncsa-discussion@ncsysadmin.org
Mon, 03 Mar 2003 12:13:54 -0500
In production, the SAs can su to root, but cannot log in directly as root.
If the machine is in a sorry state and requires console root emergency
access, they use a substitute UID 0 account whose password lives only in the
safe.
And not all the SAs, only the one(s) responsible for that host. If it's a
weekend or late, there's a safe, call the manager for the key location, rip
open the envelope inside, Monday ( or the next business day ) the SA changes
the password.
In development, DBAs and SAs get root on "sandbox" hosts.
Developers never get root. I've found too many non-standard,
non-reproduceable, funky things when this occurs.
_________________________________________________________________
MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*.
http://join.msn.com/?page=features/virus