[CLUE-Tech] Sys Admin security and user directory security

[Jeremiah Stanley]

> I've got a question that I have not been able to answer: How can you
> provide system security and directory security at the same time with
> different people?  For example, I'd like to let the sysadmin handle
> all of the upgrades, updates, etc for the computer security but NOT
> allow the sysadmin to view the financials in /home/kevin directory.
> I'm assuming this is possible, but how does one go about it?

This to me sounds like an ethics issue. The administrator is always going 
to have access to everything. You just have to trust/pay them enough that 
they won't. Have them sign privacy statements and user agreements if that 
is your legal bag. 

One simple way, encrypt the data (PGP/GPG come to mind). And the admin 
will not know the passphrase for the key. I think that both of these 
follow the KISS principal pretty well.

JStanley
-- 
Everybody has a right to be stupid, but some people abuse the privilege.
		- Joseph Stalin