home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!cs.utexas.edu!uwm.edu!spool.mu.edu!agate!ucbvax!UNODE2.NSWC.NAVY.MIL!SYSTEM_JB
- From: SYSTEM_JB@UNODE2.NSWC.NAVY.MIL ("SYSTEM SUPPORT")
- Newsgroups: comp.os.vms
- Subject: operator accounts
- Message-ID: <9301221030.AA01176@ucbvax.Berkeley.EDU>
- Date: 21 Jan 93 15:44:00 GMT
- Sender: daemon@ucbvax.BERKELEY.EDU
- Distribution: world
- Organization: The Internet
- Lines: 34
-
- I've been working with this one a bit lately. We had been using a separate
- account for OPERATOR (it was captive and did the mean and dirty stuff with
- privs) as well as an OPRWORK account (a few added privs to do some simple
- grunt work) and an individual account for mail, etc.)
-
- I created an executable (pretty much justs spawns) that starts up a menu
- system. The executable is installed with SETPRV and is started up by typing
- OPERATOR from the individual account. This meant 1 instead of 3 passwords to
- learn, no sharing of accounts, and if anything happens, you can audit the
- idividual accounts. The executable calls a DCL based menu program that is kept
- tight for errors and control-c stuff so they don't keep bombing. if an error
- does occur, the operator should be booted from the program and all installed
- privs resinded. use reads instead of inquires and all that stuff. seems to be
- easier for the operators as well as easier for use to maintain and hold down
- any funny stuff. (also, on the shared accounts, had to reset password every
- time someone left)
-
- Sorry if this is kind of schetchy, but I'm hungry and it is lunch time here.
-
- Jon
-
- -----------------------------------------------------------------------------
-
- //// Jonathan C. Baker
- ^[^ Naval Surface Warfare Center
- \_/ Code N23A
- Dahlgren, VA 22448
- 703-663-8705
- INTERNET: system_jb@unode1.nswc.navy.mil
-
- "Is it true that Asfault is a rectal disease???"
-
-
-
-
