[Info-vax] Job logicals linked to a process
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Fri Jan 8 19:01:01 EST 2021
On 2021-01-08 23:07:28 +0000, Chris Townley said:
> It was more of a hypothetical, historical thing. I had thought of
> piping the output from SDA, but I thought there might be any easier
> way. Not as a means of sharing data, but identifying what a process was
> - too many shared usernames!
Shared usernames aren't a technical issue.
That's an accountability issue.
Who knows how far a shared password gets.
You can institute accountability on the staff yourself, or notify of
the risks involved and make management accountable and preferably that
in writing, or you can end up accountable if (when?) this all goes
sideways.
There are various means to establish dedicated logins, whether via
dedicated ssh sessions with passphrases and certificates, or SYSALF, or
user-issued logins, or other means of controlling access.
Details and options vary by requirements.
Configurations with shared credentials tend to end badly.
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list