Re: BYPASS privilege !!

From: JF Mezei <jfmezei.spamnot@xxxxxxxxxxxxx>
Date: Mon, 11 Jun 2007 16:51:10 -0400

In the end, isn't it still true that for a functional system, you still need to trust at least one system manager who could still wreak havok on your system if he truly wanted to ?

Or can a system truly be locked down to a point where the system manager cannot do his job without supervision from the security folks ?

(And when, as is often the case, the system manager is the only one in the company who really knows VMS, those security folks who monitor the system manager would have no clue on what he is really doing.
.

Follow-Ups:
- Re: BYPASS privilege !!
  - From: Richard B. Gilbert

References:
- BYPASS privilege !!
  - From: BaxterD

Prev by Date: Re: Lightning & Time to buy lottery tickets
Next by Date: Re: BYPASS privilege !!
Previous by thread: Re: BYPASS privilege !!
Next by thread: Re: BYPASS privilege !!
Index(es):
- Date
- Thread

Relevant Pages

Re: BYPASS privilege !!
... need to trust at least one system manager who could still wreak havok on your system if he truly wanted to? ... Or can a system truly be locked down to a point where the system manager cannot do his job without supervision from the security folks? ... It may take me days to remember exactly what it's called but there is a secondary password that can be required to log in to an account; IOW two passwords, only one of which is known to the system manager. ...
(comp.os.vms)
Re: how to implement an append only log file?
... > have real append-only files in an OS? ... It isn't possible because if the user has enough privilege they ... systems have earned that level of trust. ... and trust the system manager not to mess with the software ...
(comp.os.vms)
Re: how to implement an append only log file?
... JF Mezei writes: ... you have to trust your system manager. ... So it is with all security measures, ... you have to trust somebody. ...
(comp.os.vms)