Re: [Non-DoD Source] Re: Security Wonks ate my hamster.
Date: Thu, 24 Mar 2016 06:53:28 -0300
Message-ID: <CACH2ED+98-U9kxXENzBu_bOjZn=FpkkF+XtsuD3ny-KTotJbsQ_at_mail.gmail.com>
I will add my personal bias to all this...
Bureaucracies almost always end up doing the exact opposite of their reason for existence.
So over time, you will find that employees can't do their work but everyone will know easy ways to hack into the environment. On paper though processes are in place, everything is "secure" but in reality that's not the case. If IT staff from networks, workstation support or other IT sections dare point this out they will be ignored and will be considered "disruptive" by middle management layers.
e.g. from just yesterday, 20% of employees are willing to sell their e-mail password for cash.
Bureaucracies can't deal with this.
Patrice.
On Wed, Mar 23, 2016 at 6:59 PM, Robert Freeman <rfreeman_at_businessolver.com> wrote:
> Sorry – I re-read your comment and I agree with your point. Su – or su –
> root are acceptable.
>
>
>
> I picked a bad week to stop eating Lucky Charms…
>
>
>
> On 2016/03/23 13:20, Robert Freeman wrote:
>
> I would pull out the Oracle documentation where is indicates that when
> upgrading Clusterware - using pseudo root kinds of access (as in sudo su -
> root) are not supported during upgrades and
>
>
>
> It should be noted that "su - root" (or just "su -") without sudo *is*
> supported (MOS 1363369.1) and works well, as that's what I use from a
> personal login for audit purposes.
>
>
>
> Rich
>
-- -- Patrice My profiles: [image: Facebook] <http://www.facebook.com/home.php?#!/profile.php?id=100000206805521>[image: LinkedIn] <http://ca.linkedin.com/pub/patrice-boivin/a/933/5a9>[image: Twitter] <http://www.twitter.com/PatriceBoivin> -- http://www.freelists.org/webpage/oracle-lReceived on Thu Mar 24 2016 - 10:53:28 CET