Who gets root access?

security root

I'm working on a web application which handles some sensitive data. We're getting pretty tight on security, and laying out policies to lock down access to machines, and log everything for technical audit purposes.

The question we keep coming back to is this: Who gets root?

Our server instances will have a root user. That root user will have a password. Who should have access to this? Is it possible/desirable to have a machine where noone can have root access?

I'd appreciate any thoughts you have on the subject.


Solution 1:

No one. Make them use sudo so all root-level commands are logged and attributable to a specific person.

Solution 2:

No-one except maybe a hardware administrator gets root password! The root password should only be usable on the console, not via SSH or other services.

Use groups to define access to different sets of programs with escalated privaledges using sudo. For example the wheel group is typically for people that get root privs, but everything gets logged as their user. If people don't need full root privs but only a few commands as some other user, make another group.

Related

FreeBSD `freebsd-update` automation?
What does /v/qn parameter do for windows silent installers?
What is the best distro to host a KVM virtualization solution
NGINX Remove index.php /index.php/something/more/ to /something/more
Why is Debian 6.0.1 asking for Install CD when installing stuff?
Best lightweight linux IRC server for a team
What is the purpose of a domain?
What is the difference between OSPF and RIP?
etckeeper, Git checkout, and broken file permissions in /etc
Is it possible to Managing 20 TB data using MySQL?
Prevent backup of iPhone on macOS Catalina
How does one take complete control of the MacBook built-in webcam?