-3

A contractor is asking me to provide him with root access from day one.

Skipping the obvious "no-no"... as he's arguing that in order to do a full review of the system and identifying SPOF/etc, he needs root access, what can a root user read/see that a regular user cannot (excluding the root folder and similar)?

To say it in another way: "what can't a regular user read?", "what does he need root access for?"

Please don't down vote without explaining why

No one
  • 1

2 Answers2

0

Everything. root can read and write all files and directories.

Andrew Schulman
  • 9,142
0

as a normal user you can't

  • check sudoers and their privilege.
  • fully scan disk and volume group (you might get some information tough).
  • see some filesystem (like zone in solaris, or filesystem dedicated to certains database).
  • probe some I/O device.
  • some network information might be unavailable.

Note that I also dislike giving root password to stranger, yet at a time you'll have to. make a backup, just in case.

On a side note, on a day-to-day basis, I don't log as root on my station. I just use root to grow filesystem (once each other year) or check apache's log file for php error in my code (once a week).

Archemar
  • 1,474