We also should be rectifying this problem as we move to WebSphere v6.
We'll be installing under an ID other than root, so the admin won't need
'root' access to do some of their 'WebSphere' tasks (and shouldn't be able
to clobber /dev/null then!).
Marcy Cortes
<[EMAIL PROTECTED]
ellsfargo.com> To
Sent by: Linux on [email protected]
390 Port cc
<[EMAIL PROTECTED]
IST.EDU> Topic
Subject
01/17/2008 12:32 Re: Linux not recognizing file
PM systems
Please respond to
Linux on 390 Port
<[EMAIL PROTECTED]
IST.EDU>
As long as a manager says they can have it, they have it. That's all
audit cares about.
Ours do as well (via sudo), but they actually do do a lot of sysadmin'y
things that require root. They've also have sysadmin experience and
training.
Marcy Cortes
"This message may contain confidential and/or privileged information. If
you are not the addressee or authorized to receive this for the
addressee, you must not use, copy, disclose, or take any action based on
this message or any information herein. If you have received this
message in error, please advise the sender immediately by reply e-mail
and delete this message. Thank you for your cooperation."
-----Original Message-----
From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of
Mark Post
Sent: Thursday, January 17, 2008 6:52 AM
To: [email protected]
Subject: Re: [LINUX-390] Linux not recognizing file systems
>>> On Thu, Jan 17, 2008 at 9:21 AM, in message
<[EMAIL PROTECTED]>, Joell Chockley
<[EMAIL PROTECTED]> wrote:
> We did find out after getting the problem fixed that our WebSphere
> Admin had mistyped a command they use to clear a log file (did a mv on
> /dev/null instead of a cp)...we've changed their procedure so they
> don't do either command anymore!
This raises a whole new set of questions, one of which being "why does a
WebSphere admin have general root access?" To prevent situations such
as what you've experienced, that's not a good idea, and it's likely your
auditors will have a much harsher assessment.
Mark Post
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions, send
email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or
visit http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or
visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
CONFIDENTIALITY NOTICE: This email message and any attachments are for the sole
use of the intended recipient(s) and may contain proprietary, confidential,
trade secret or privileged information. Any unauthorized review use,
disclosure or distribution is prohibited and may be a violation of law. If you
are not the intended recipient or a person responsible for delivering this
message to an intended recipient, please contact the sender by reply email and
destroy all copies of the original message.
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
