Sysadmins

[Leonardo Lopes Pereira]

After a quick discuss with marco_g on IRC, i started to thing about Why we need 
a sysadmin. And I realize that only small options on the system need the admin 
interference. I saw that many people here are very fanatic about security, but 
what about a system with a admin that put backdoors on programs?

So, if we will design a system where people can fell secure, we need to create 
a system where the admin has less power as possible.

In my opinion, the admin is a user that will be able ONLY to configure some 
parts of the system that cannot be configured by a user. All other things that 
the admin needs to do, like run a server, will be done by a common user with no 
more power than other users.

To install programs we can create a mechanism that every user can install 
programs that will be avaliable to every users. but all programs would be 
signed on their origin, and if the user trust on that origin, this program will 
be able to work perfectly, if the user doesn't trust on the origin of the 
program it will be alerted about that and will choose how this program will 
run. With no access to FS, with a read-only access to FS or if the user will 
start to trust on that origin.

I know that this is only one case of many thing that a sysadmin does, but this 
was what wake up this discuss in my mind, so, if you have more things that you 
beleave that only sysadmin can does, we can start to discuss, thanks.

ps.: I do not want to start a monster thread, But I beleave if you want a 
system almost from scratch, we need to discuss every point of it.

-- 
leonardolopespereira at gmail.com

GNU Privacy Guard (GPG)
ID da chave: 83E8AFBF | servidor: keys.indymedia.org
gpg --keyserver keys.indymedia.org --recv-keys 83E8AFBF

pgpvKG0Vte8Be.pgp
Description: PGP signature