Is it ever good to share a userid?
Posted
by
Ladlestein
on Server Fault
See other posts from Server Fault
or by Ladlestein
Published on 2011-11-23T19:13:55Z
Indexed on
2011/11/24
1:55 UTC
Read the original article
Hit count: 487
On Un*x, Is it ever a good idea to have one userid that many different people log into when they do stuff?
Often I'm installing software or something on a Linux or BSD system. I've developed software for 24 years now, so I know how to make the machine do what I want, but I've never had responsibility for maintaining a multi-user installation where anyone really cared about security. So my opinions feel untested.
Now I'm at a company where there's a server that many people log into with a single userid and do stuff. I'm installing some software on it. It's not really a public-facing server, and is only accessible via VPN, but it's used by many people nonetheless, to run tests on custom software, things like that. It's a staging server.
I'm thinking that at the very least, using a single user obscures an audit trail, and that's bad. And it's just inelegant, because people don't have their own spaces on the server.
But then again, with more userids, maybe there's a greater chance that one can be compromised, allowing attackers to gain access.
?
© Server Fault or respective owner