Privilege Delegation, Role Management and Root Access Control
The Issue…
Privilege delegation, role management and root access control in Unix and Linux systems administration, particularly for large or widely distributed environments, is a complicated field which inevitably requires major trade-offs between functionality, security and ease of administration. In order to make effective use of Unix system, management staff require access to many programs and scripts, some more critical and sensitive than others. Unfortunately, given the lack of a layered security system, it is all too easy to give too many privileges to too many staff. While products exist which attempt to solve this problem, including some in the public domain, there are none which fully integrate a hierarchical systems management structure and security in a flexible and easy-to-use package.