Quote: Originally Posted by zaxxon
What makes you sure that they don't need root access?
Nothing, perhaps. But if someone - in general - needs root access then he has at least got the rights management completely backwards. And this begs the question: where else have the developers of the software - to put it in polite words - strayed from the path of pure truth?
Quote: Originally Posted by zaxxon
There are of course commands, that can be only issued as root.
Yes, and these are the exceptions to what I said in general above. The most common of these exceptions is arguably having to install kernel extensions (i.e. Oracle Database, SAP). But with careful planning these parts can be isolated into a single script (like rootpre.sh in the Oracle installation) and handed over to the Sysadmin to be executed. The software provider needing root access himself is either out of pure laziness ("it's so much easier if I can do whatever I want") or bad design and/or implementation of the software. This doesn't even take malevolent intents (which also could be the case) into account. And by "malevolent" I do not only mean outright criminal theft of data or the like! How about "yes, of course we installed this tracker for the number of installations of our competitor's software X, because knowing how many of these you use helps us tailor our service better to your needs"? Would that be what you want on your system?
Quote: Originally Posted by gull04
it used to be part of the SA's job to ensure that no one other than the SA had access to the root account.
Amen, brother!
Quote: Originally Posted by gull04
It also used to be drummed into SAs that any application that had to be installed as root was basically flawed.
Again with the exceptions stated above: yes.
And there are two other points you should take into account: first, it is YOUR job as Sysadmin to guarantee the integrity of the system. How can you do that after someone else had root access? You can check for every installed backdoor method you can imagine, but ultimately you don't know if there isn't a method you do NOT know of.
And second: as the admin you are responsible for the daily operation of the system. If someone sets something up - how would you repeat the process in case of disaster? Suppose the server breaks and you need to install a new one: shouldn't you be able to do it?
To be able to do it in most cases boils down to: having done it at least once! So you should not let them remotely install anything anyways, but insist that they send a person to assist you while you install the system (and document the process). This way you will be much more likely to repeat this should anything go southwards.
I hope this helps.
bakunin