Safeguarding the Keys to the Linux Kingdom
One of the most common security challenges Linux and Unix IT administrators face is how to effectively manage the root or super-user account. In an age of regulatory compliance and data privacy laws -- and as more and more organizations elect to run mission-critical financial, CRM (customer relationship management), SCM (supply chain management) and other applications in heterogeneous Unix and Linux environments -- controlling and auditing privileged account access is more crucial than ever.
Without proper controls, anyone with access to the root account -- the virtual "keys to the kingdom" -- is given complete super-user privileges without justification based on their job classification, specific duties or role within the IT department.
This violates the security best-practices doctrine of least privilege, and can expose proprietary systems and information to malicious activity and sabotage that could result in catastrophic information leakage or mistakes that could bring down an entire company (let alone its network).
You might want to flag this as suspicious...
...As someone is trying to sell you something.
Reason is because of the author. Ellen Libenson.
Who is she?
Vice president of product management for Symark Software.
=> http://www.symark.com/
And what does Symark Software sell?
=> "Access Control and Identity Management products"
Now, put this together with this article on technewsworld.com and what do you have? A distinct form of advertising embedded in an article.
She makes sudo look like a no hoper, and then introduces the concept of identity and access management. (Which happens to be the market she's trying to sell in).
What triggered my suspicions?
(1) Firstly, she makes the user think there is NO hope for the Linux user. (Big mistake...There's ALWAYS hope.)
(2) She portrays the message: "open-source is not good for security, closed source is better". (Dead giveaway here... It's proven time and again that open-source handles issues better than closed).
(3) She introduces the idea of identity and access management (IAM), but never talks about specific products (at least some sort of open-source equivalent). A real open-source geek will explore options if available.
Unfortunately for this sales person, there is an open source identity management solution.
Red Hat and Fedora Directory Server has this capability. It IS open-source and available here.
=> http://directory.fedora.redhat.com/wiki/Download
(It will work with CentOS using the Fedora package)
Source code is here.
=> http://directory.fedora.redhat.com/sources/
This technology was acquired by Red Hat in late 2004, from Netscape Security Solutions.
Even Novell has Identity Manager and Novell eDirectory technology. (Not sure if it's open-source or not).
re: suspicious
It's always suspicious coming from LinuxInsider or technewsworld. That's why I put where the link is to on those, for folks who boycott those sites.