|
|
Sponsored Content
Top Forums
Programming
Open Source
Vendor root access
Post 302975284 by zaxxon on Friday 10th of June 2016 08:18:12 AM
06-10-2016
@Bakunin:
I generally agree.
It could have been the OP had already installed the software with a non-root user as a test - just out of interesst, that's why I asked.
But in the end (my past reality
) you get such software on your desk and it has to be installed. So far I or coworkers got such tasks always communicated orally and not written.
It comes down to install it, maybe with the vendor, or deny the installation unless the management, or whatever guys bought that fancy software, will take the risk.
And to be on the clean side, you would need to notice the management of possible dangers and get a kind of written assurance from them just in case something goes wrong. But to be honest, I don't remember any coworker, who demanded this from his boss for any Software before he started the setup and I do not know if this would keep one free from guilt at court.
root or not - software can still be malicious, dangerous or any less degree of a threat/unwanted behaviour. With root it usually can harm the system it is installed on but hopefully not more system, depending on the environment and setup. So if possible only a "quarantained" system might be a start as already said by Don.
Though what is if there is a timer that it automatically does it's tricks after a defined time/date, when it is somewhat sure to be installed in a production environment where it has locally or over the net access to precious data etc...
A tracker like mentioned basically does not need root. But I know what you mean
I generally agree.
It could have been the OP had already installed the software with a non-root user as a test - just out of interesst, that's why I asked.
But in the end (my past reality
) you get such software on your desk and it has to be installed. So far I or coworkers got such tasks always communicated orally and not written.It comes down to install it, maybe with the vendor, or deny the installation unless the management, or whatever guys bought that fancy software, will take the risk.
And to be on the clean side, you would need to notice the management of possible dangers and get a kind of written assurance from them just in case something goes wrong. But to be honest, I don't remember any coworker, who demanded this from his boss for any Software before he started the setup and I do not know if this would keep one free from guilt at court.
root or not - software can still be malicious, dangerous or any less degree of a threat/unwanted behaviour. With root it usually can harm the system it is installed on but hopefully not more system, depending on the environment and setup. So if possible only a "quarantained" system might be a start as already said by Don.
Though what is if there is a timer that it automatically does it's tricks after a defined time/date, when it is somewhat sure to be installed in a production environment where it has locally or over the net access to precious data etc...
A tracker like mentioned basically does not need root. But I know what you mean
Last edited by zaxxon; 06-10-2016 at 10:08 AM.. Reason: typo
|
|
10 More Discussions You Might Find Interesting
1. Linux
wish to know how to access root password it root password is forgotten in linux (1 Reply)
Discussion started by: wojtyla
1 Replies
2. SCO
We have SCO 5.0.5 and can't log into system as "root". The system indicates the password is incorrect. No one knows what happened.
How can we resolve this issue.. Are there files we can restore from backup...?
Any suggestions would be appreciated.
Thank you.. (2 Replies)
Discussion started by: RBurer
2 Replies
3. Shell Programming and Scripting
Hi,
I just wanted to know to what files root does not have access, not even read....I read that .profile for any user is the only file which root cannot access is it true..??...If we have to use passwords and ID's in a script can we use them in .profile and call them as parameters..???
... (3 Replies)
Discussion started by: mgirinath
3 Replies
4. Solaris
Hi,
The security auditor give a this statement , what to do ?
On my solaris system (S10)
"The User ID "root" should not be used on the system - the su and
the priviledged account should be used from each administrator for
accountability purposes"
What to do ? (3 Replies)
Discussion started by: falcon16
3 Replies
5. AIX
Hello
I have a question.
I have a box with Aix 5.3 but I want to disable root access direct from any terminal or console. I mean If I want to login to 10.10.10.10
login:root
password *********
Root access is not permited
Which file I have to edit. to the users first login with... (4 Replies)
Discussion started by: lo-lp-kl
4 Replies
6. UNIX for Dummies Questions & Answers
hi
i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help
Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies
7. Shell Programming and Scripting
Currently in my system Red Hat is installed. And Many user connect to my machine via SSH Techia Terminal.
I want to give some users a root level access.
Can anyone please help me how to make it possible. I too searched on the Google but didn't find the correct way
Regards
ADI (4 Replies)
Discussion started by: adisky123
4 Replies
8. SuSE
I access over 100 SUSE SLES servers as root from my admin server, via ssh sessions using ssh keys, so I don't have to enter a password. My SUSE Admin server is setup in the following manner:
1) Remote root access is turned off in the sshd_config file.
2) I am the only user of this admin... (6 Replies)
Discussion started by: dvbell
6 Replies
9. Ubuntu
We are having a little problem on a server. We want that some users should be able to do e.g. sudo and become root, but with the restriction that the user can't change root password. That is, a guarantee that we still can login to that server and become root no matter of what the other users will... (2 Replies)
Discussion started by: 244an
2 Replies
10. OS X (Apple)
Mac users...
I updated this MBP from OSX 10.12.1 to the brand new OSX 10.12.2 two days ago.
A week ago I installed the Xcode suite.
Now the QT shell audio capture in another recent thread is broken when exporting a file.
It gives an error in a window, paraphrasing, The action is not... (4 Replies)
Discussion started by: wisecracker
4 Replies
LEARN ABOUT DEBIAN
dtc_install_centos
dtc_install_centos(8) System Manager's Manual dtc_install_centos(8) NAME
dtc_install_centos - bootstrap a CentOS install to use in a chroot or VM SYNOPSIS
dtc_install_centos <install root> <yum environment> DESCRIPTION
This shell script is part of the dtc-xen package, generally to be used by the dtc panel to install a new a Xen VPS server. This script is called by dtc_reinstall_os when the user chooses to install the CentOS operating system. How it works: it generates a temporary yum configuration in the yum environment directory, that directs yum to act inside the install root instead of in the base system; then it kindly requests yum to install the basesystem, centos-release and yum packages onto it. Yum then uses the configuration to download the required (usually, security-updated) packages and then perform the RPM installation process under the install root. It requires both RPM and yum. It does work under Debian (it was developed in Ubuntu first). It should also work on RPM-based systems without destroying the system-wide RPM and yum configurations. OPTION
<install root> Target directory where CentOS will be deployed. Must exist beforehand. <yum environment> Directory where yum will store the repository manifests and configuration. Will be automatically created. Cached RPMs and manifests will be left, as usual, in a directory var/cache/yum inside the install root. EXAMPLE
dtc_install_centos /root/yum /xen/13 This will setup the operating system in /xen/13, with the CentOS configuration folder in /root/yum. BUGS
It's limited to CentOS 5 at the moment. It must be run as root. Under some circumstances, the installation process itself may kill processes running on the host machine. The chroot yum does should be sufficient to avoid this, but we haven't been able, yet, to ascertain why this fails sometimes. SEE ALSO
dtc_reinstall_os(8) VERSION
This documentation describes dtc_install_os version 0.3.1. See http://www.gplhost.com/software-dtc-xen.html for updates. dtc_install_centos(8)