[ale] Service account allows sudo but no login

leam hall leamhall at gmail.com
Tue Jul 30 12:28:41 EDT 2013


Is there a good security practice for service accounts? The goal is that an
app can run as "myapp" but no one can login as myapp and myapp's password
does not expire.

So far best practice seems to be having a regular shell and no password,
with specific people/groups allowed to sudo over.

Thoughts?

Leam

-- 
Mind on a Mission <http://leamhall.blogspot.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130730/f0dd951b/attachment.html>


More information about the Ale mailing list