s**********r
发帖数: 565 | 1 公司不允许我们sudo to root from our own user id to do anything. what they do
is to grant root permission for specific command which we need to run as
root. this causes a lot of unconvinence for us. my previous company do allow
us to sudo to root, then do anything we want. I wonder if any expert here
can help me understand how come my previous company can allow us to run as
root for all, but this company can not. is there a way to prevent user to
login as root directely if they know root's password? | t*****s
发帖数: 3478 | 2 root usually is only for systems admin, your current company does right
things.
you do not have to compare to another company. in some companies, you may
have root password too, even not use sudo. but for security reason, if you
are not a systems admin, then you should not have root password or sudo to
all as root.
yes, we can configure root not directly login from remotely, but only
allowed from console. if you log in through ssh, then ssh needs to be
configured as well, so root can not log in
【在 s**********r 的大作中提到】
: 公司不允许我们sudo to root from our own user id to do anything. what they do
: is to grant root permission for specific command which we need to run as
: root. this causes a lot of unconvinence for us. my previous company do allow
: us to sudo to root, then do anything we want. I wonder if any expert here
: can help me understand how come my previous company can allow us to run as
: root for all, but this company can not. is there a way to prevent user to
: login as root directely if they know root's password?
|
|
