[ Thanks to David
Spector for this link. ]
“Doing the wrong thing in the cause of making your network “more
secure” can land an unlucky administrator in a duel with the legal
system. This is more likely when your actions come as a surprise or
are viewed in a bad light by others who question your authority or
motives to be doing what you’re doing. With all the sound and fury
in media about evil hackers, it’s a good idea to consider how to
protect yourself ahead of time.”
“The sheer power of the systems administration function
intimidates many users and management types when they stumble into
the realization of just what can be done with root privileges. The
question that shakes out of this is pretty simple: How can I do my
job, run a system or network safely and securely without winding up
on the wrong end of a subpoena?”
“…it’s a good idea to make sure that your role and your
responsibilities are fully specified. By “fully specified” I…
mean that… your job description should be complete and list not
only the hardware and software you support, but what management
areas that role includes.“