Should We Abolish User Access to rm?
Jan 27, 2011, 15:03 (11 Talkback[s])
(Other stories by Jeffrey B. Layton)
No-Size-Fits-All! An Application-Down Approach for Your Cloud Transformation REGISTER >
"Lately, I've been hearing system administrators and managers
ask about solutions to keep people from accidentally removing their
data. These are very smart and dedicated people asking for a
solution so that data isn't lost either by accident or on purpose.
A wild idea I've heard to solve the problem is getting rid of user
access to the rm command. Is this truly a crazy idea?
"Frustration Lately, in my day job, I've been getting questions
from very smart, dedicated, and resource constrained administrators
who have users who either accidentally, or sometimes
absentmindedly, remove data. The problem they are facing is that
the user removes the data, most likely using rm, and then realizes
they actually needed the data. Of course, they ask the
administrator to recover the data or restore it from a backup,
which may or may not be possible (sometimes the requests are, shall
we say, "impassioned"). If the recovery doesn't happen fast enough
or if the user is not getting enough attention then the users do
what is natural to them, they escalate the request through their
management chain, indicating the importance of the data.
Consequently, the administrators have to drop everything they are
doing and spend a great deal of time recovering the data (if they
can). This means that other tasks fall by the wayside and
administrator frustration builds (and from the comments/requests,
it seems as though the frustration level is pretty high)."