Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!ames!uhccux!munnari.oz.au!comp.vuw.ac.nz!dsiramd!marcamd!tcnz2!greg
From: greg@tcnz2.tcnz.co.nz (super)
Newsgroups: comp.unix.wizards
Subject: Re: Multiple Root ID's considered evil?
Summary: In some cases, no
Keywords: root
Message-ID: <160@tcnz2.tcnz.co.nz>
Date: 20 Sep 89 04:51:19 GMT
References: <435@lxn.eds.com>
Reply-To: greg@tcnz2.co.nz
Organization: Thomas Cook NZ Head Office, Auckland, NZ
Lines: 19

There are some cases where multiple root id's are ok. We have various
root level logins with limited access right for certain tasks :-
full system backups - so that not permission hangups will lose a file
spooler - the /dev and various other directories are protected against
	any one less than root fooling around in them. The spooler sometimes
	needs to kill and restart devices with root permissions.
operator access - we have operators who can perform various functions such
	as killing all the processes for a terminal which is hung who we do not
	want to give full root access, and who we wish to be able to individually
	track their actions.

These are all restricted in how they can operate, and can gain access to only
very limited areas of the system. Works fine.

'Gotta get me a Telefunken u47 onna these days'
-- 
Greg Calkin                                   Thomas Cook N.Z. Limited,
...!uunet!vuwcomp!dsiramd!marcamd!tcnz2!greg  PO Box 24,  Auckland CPO,
or greg@tcnz.co.nz                            New Zealand. Phone (09)-793920