Why do companies not give root access to their employees

Why do companies typically not give their employees root access to their desktop machines that are only used by a single employee?

If what I can do on my machine poses a threat to the rest of the network, isn't that a security flaw in itself? Why would the rights I have on my own machine affect what I can do to others on the network?

Isn't the point of Unix user management to protect files of user A on machine X from access by user B on machine X?

If it's about protecting the user from himself (say, from installing something with root access that will wipe out the hard drive): Since I am working without root access, all my files are owned by myself; hence, if I am fooled and run an evil script without root access and it wipes only the files owned by myself, it is just as bad as if I had given it root access and it wiped the entire hard drive.

Tags: corporate-policy, root

asked 5 hours ago by Bananach, edited 4 hours ago by schroeder♦

What do you mean by root access? Do you mean not providing the root password to be able to sudo, or do you mean not allowing users to log into root? – schroeder♦, 4 hours ago

2 Answers

Security administrators are responsible for your machine and what happens on your machine. This responsibility violates the basic security model for a single-user Unix machine because the admin (an absent party) is root on your machine, you are not. Unix isn't really set up for this model.

Admins need to be able to install security controls on your machine in order to protect the company, not just the data and the network and the other nodes. If the local user had root access, admins would no longer be in control of those controls. That's the basic premise.

Yes, there are tons of reasons why root is needed to do bad things or to turn the machine into a malicious node, and yes there are lots of ways around those limitations and lots of ways that the local user could do bad things. But ultimately, the local user and the Risk Owner cannot be competing for control or responsibility over the machine.

answered 4 hours ago by schroeder♦

A few reasons off the top of my head:

• ARP poisoning or network flooding attacks on the network would generally require root access to a machine on the network.
• Being able to install unauthorised programs might open the company up to legal liability if those programs are themselves illegal (e.g. because they're pirated or not licensed for for-profit use or whatever).
• If the company has any sort of remote monitoring of employees (or wants the ability to have such monitoring even if it's not in place yet), giving users root access would allow them to bypass that.
• Not having root access means you can't rm -rf /bin, or any number of other destructive things, and nor can anyone who gains access to your login details, so there's no chance your company will need to help you recover from that situation.
• If your company might redeploy your machine if you leave, they might feel more comfortable doing so without doing a complete wipe-and-reinstall if you've never had root access to it.
• Giving people root access is easy, if it becomes necessary; taking root access away comprehensively is difficult if it becomes necessary.
• The general principle of least privilege is that you shouldn't give anyone/anything access they don't actively need.
• Simply not having moved on from the days of shared servers because it's a process that's worked and nothing has broken the inertia (the hypothetical monkeys and ladders problem).

answered 4 hours ago by me_and
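
An added example, not part of either answer: on Linux the root-only powers listed in the answer above are enforced per process as a capability mask, and this sketch decodes the CapEff field of /proc/<pid>/status to report which of them a process holds. The sample status texts are constructed, and the mapping from each capability to a concern is this example's own assumption.

```python
#!/usr/bin/env python3
"""Report which root-only powers a Linux process holds, from its CapEff mask."""
import re
import sys

# Bit numbers come from <linux/capability.h>. The "why it matters" text is
# this example's own mapping onto the answer's bullets (an assumption).
RISKY_CAPS = {
    1: ("CAP_DAC_OVERRIDE", "ignore file permissions (e.g. delete /bin)"),
    5: ("CAP_KILL", "signal other users' processes (stop a monitoring agent)"),
    13: ("CAP_NET_RAW", "open raw/packet sockets (craft ARP frames)"),
    16: ("CAP_SYS_MODULE", "load kernel modules"),
}

# /proc/<pid>/status carries the effective capability set as a hex bitmask.
CAP_EFF_RE = re.compile(r"^CapEff:\s*([0-9a-fA-F]+)\s*$", re.MULTILINE)


def parse_cap_eff(status_text):
    """Return the effective capability mask as an int."""
    match = CAP_EFF_RE.search(status_text)
    if match is None:
        raise ValueError("no CapEff line found in status text")
    return int(match.group(1), 16)


def held_risky_caps(mask):
    """Map capability name -> concern for every tracked bit set in mask."""
    return {
        name: why
        for bit, (name, why) in RISKY_CAPS.items()
        if (mask >> bit) & 1
    }


def audit(status_text):
    """Sorted names of the tracked capabilities a process holds."""
    return sorted(held_risky_caps(parse_cap_eff(status_text)))


# Constructed samples in the layout of /proc/<pid>/status (abridged).
UNPRIVILEGED = "Name:\tbash\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000000000\n"
ROOT_SHELL = "Name:\tbash\nUid:\t0\t0\t0\t0\nCapEff:\t000001ffffffffff\n"
# A non-root process that was granted only CAP_NET_RAW (bit 13 = 0x2000).
NET_RAW_ONLY = "Name:\tcapture\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000002000\n"


if __name__ == "__main__":
    # Default to auditing this process; pass another status file to audit it.
    path = sys.argv[1] if len(sys.argv) > 1 else "/proc/self/status"
    with open(path) as fh:
        held = held_risky_caps(parse_cap_eff(fh.read()))
    if not held:
        print("no tracked root-only capabilities held")
    for name, why in sorted(held.items()):
        print(f"{name}: {why}")
```

A zero mask describes the running process only; an account that is allowed to sudo to root can still obtain the full mask.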
