Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!rutgers!tut.cis.ohio-state.edu!ucbvax!mtxinu!shore
From: shore@mtxinu.COM (Melinda Shore)
Newsgroups: comp.unix.wizards
Subject: Re: Getting rid of the root account
Message-ID: <880@mtxinu.UUCP>
Date: 7 Jun 89 05:41:02 GMT
References: <106326@sun.Eng.Sun.COM> <4315@ficc.uu.net> <16597@rpp386.Dallas.TX.US> <1961@ubu.warwick.UUCP> <16638@rpp386.Dallas.TX.US> <10370@smoke.BRL.MIL> <3327@cps3xx.UUCP>
Reply-To: shore@mtxinu.com (Melinda Shore)
Organization: mt Xinu, Berkeley
Lines: 11

[]
It's been my experience that sloppy administration is more likely to
be at fault when a breakin occurs than is the inherent security/lack-
of-security of a particular OS.  Management of layered privileges in
medium-sized to large organizations gets out of hand amazingly quickly,
and it's not at all unusual for people who aren't systems administrators
but have some privileges to hand out their passwords.  The theory of
layered privileges is nice, but the reality is Not Good.
-- 
Melinda Shore                                     shore@mtxinu.com
Mt Xinu                                  ..!uunet!mtxinu.com!shore