Thanks for all the great replies. Proposed solutions: Use Solaris ACLs Use AFS ACLs Use sudo as required The answers were 100% do NOT give web admins root access. There were a couple of questions about what I meant by "web admin". Our web admins configure and administer our iPlanet/Sun One web servers. I imagine that is how things are in most shops although in some cases systems administrators perform those tasks. I am in complete agreement with restricting root access to systems administrators. One responder suggested looking into AFS and indicated that AFS would allow a system admin to more easily grant access to web admins. I looked at www.openafs.org and it does look very interesting. One thing I like about the AFS idea is that it would allow us to move web services to Linux if we choose without having the additional complication of having to figure out how to duplicate the solaris acls on Linux which doesn't seem possible at all without AFS. Vic > Hello List, > > I have a question about how most shops provide sufficient access to web > server administrators to allow them to work as independently as > possible. Here at my work place we have 2 Solaris admins and several web > server (iPlanet) admins. We allow them access to web areas with a > complicated system of filesystem ACLs and permissions. > > Is this the best approach. Does anyone give their web admins root access > or limited root access? > > Thanks, > > Vic > _______________________________________________ > sunmanagers mailing list > sunmanagers@sunmanagers.org > http://www.sunmanagers.org/mailman/listinfo/sunmanagers _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Fri May 23 08:20:31 2003
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:11 EST