[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Sysadmins

From: Brian Brunswick
Subject: Re: Sysadmins
Date: Thu, 3 Nov 2005 15:17:14 +0000

On 03/11/05, Justin Emmanuel <address@hidden> wrote:
> Also in the desktop Enterprise the systems admin needs to be very
> intrusive. To do things like create default interfaces, and make users
> adhere to company policy;
> How about super users with different rights and authorities?
> Why not split the concentration of power?

This is the correct answer to the sysadmin problem. The reality is
there are many different types, and we should have "possible to split
sysadmin power" as a goal.

I want someone able to install a new database version without being
allowed access to
the live customer data.

I want someone able to add users within a particular domain, but not
able to access anyone's files.

I want someone able to manage backups and file retrieval at the
physical media level.

I want to give an auditor read-only access to all the accounts.

I want someone to be able to manage resource usage and prioritise

I want someone able to set up all the above. Perhaps it would actually
be a committee, and need multiple signatures to proceed!

Hardware access ultimately means all bets are off, but at least it
should be somewhat hard. That means encrypted data I guess...


reply via email to

[Prev in Thread] Current Thread [Next in Thread]