Check out the new USENIX Web site.

Home About USENIX Events Membership Publications Students
USENIX Tenth System Administration Conference (LISA '96)

Priv: Secure and Flexible Privileged Access Dissemination

Brian C. Hill
University of California, Davis


Large UNIX installations have become increasingly demanding of ever growing staffs of system administrators. Since very few system management tasks can be performed without access to root, large sites quickly face a ``too many cooks'' problem. The problem emerges clearly out of the numerous existing, yet only partial solutions to the problem.

Examples of broad access needs are numerous: Help desk staff need to be able to examine user's files to assist over the phone or change passwords. The ability to su(1) to only non-root users is also be useful. System operators need to manage print queues, kill jobs and reboot systems. Neither group, however, should necessarily need access to to pids or files owned by root, making blanket access to kill(1) and cat(1), for example, potentially problematic. Users in a research lab need to mount cdroms. In walk-in consulting areas, securing access to commands via the privileged user's own passwd prevents unattended terminals from being sabotaged. In our environment at UC Davis, we have all of these groups of users and none represent core system administration staff, the only true root users. Several packages and other mechanisms address this issue, but even most of the more expensive commercial packages fail to allow privileged system access that is both secure and flexible.

View the full text of this paper in ASCII (40,717 Bytes) and POSTSCRIPT (599,063 Bytes) form.

To Become a USENIX Member, please see our Membership Information.

?Need help? Use our Contacts page.

Last changed: 8 May 2002 aw
Conference Index