Disagree with what?

Letting your operators have access to the linux console
has nothing to do with whether or not leaving root logged
on and disconnecting the linux virtual console is a security
risk.

You say "operators," does this mean they have access to
the OPERATOR account/logon on VM? If so then they already
have access to everything that VM owns! As far as screwing
things up is concerned, anyway.

If they want to "experiment" give them their own
linux VM, that's what I do.

Or rap them across the knuckles with a piece of re-bar!

"Little, Chris" <[EMAIL PROTECTED]kdhs.org>
Sent by: Linux on 390 Port <[EMAIL PROTECTED]ARIST.EDU>
10/31/2003 04:14 PM
Please respond to Linux on 390 Port

To: [EMAIL PROTECTED]
cc:
Subject: Re: Question: setting up SuSE SLES7 to automatically be logged on as root during boot up .....

I'm going to have to disagree with that.  I need my operators to be able to
access the console, however, I don't want them having root access . . . some
of them like to experiment.  Ok, some sysadmins like to also . . . perhaps
not a good example :)

but you get the idea.

> -----Original Message-----
> From: Dennis Wicks [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 31, 2003 4:08 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Question: setting up SuSE SLES7 to automatically be logged on as root during boot up .....
>
>
> Greetings;
>
> I have been following this discussion sporadically and
> it appears to me to be partly much ado about nothing.
>
> Many people on this list have only recently become aware of
> VM and don't really understand how things work.
>
> The concern about leaving root logged on is really pretty
> much unjustified. On VM when you disconnect you have to either
> know the password for the user or have LOGONBY privileges in
> the VM directory to reconnect, or be a class A or C user
> and have the SCIF EXEC available.
>
> Now, if you have a lot of VM users that satisfy one or
> more of the above requirements I think you have way bigger
> security problems right now than you could possibly be
> exposed to by leaving root logged on and disconnecting
> the linux console!
>
> Good Luck!
> Dennis
>
> "Post, Mark K" <[EMAIL PROTECTED]com>
> Sent by: Linux on 390 Port <[EMAIL PROTECTED]ARIST.EDU>
> 10/30/2003 03:15 PM
> Please respond to Linux on 390 Port
>
> To: [EMAIL PROTECTED]
> cc:
> Subject: Re: Question: setting up SuSE SLES7 to automatically be logged on as root during boot up .....
>
> A lot of the objections are being made because the assumption that you need
> the root password to shut down is incorrect.  Bootshell, the Signal Shutdown
> facility, etc., obviate the need for that.
>
> For automation, I would find some other method of getting commands to a
> system.  I don't ever leave any of my systems logged on when I disconnect
> from the console.
>
>
> Mark Post
>
> -----Original Message-----
> From: Rob van der Heij [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, October 29, 2003 5:05 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Question: setting up SuSE SLES7 to automatically be logged on as root during boot up .....
>
>
> On Wed, 2003-10-29 at 20:53, James Melin wrote:
> > Aside from being EXCEPTIONALLY dangerous, why do you want this?
>
> -snip-
>
> While the obvious reason for doing this is the automation that runs on
> that virtual console, another good reason imho is that systems staff do
> not need to find a root password when system administration is done by
> others.
>
> Rob
>
