Howdy.

> Someone mentioned that if you're worried about your sysadmin looking at
> files he shouldn't, then you need to get a new sysadmin, that is true
> if he goes to extraordinary lengths to gain unauthorized access, but
> the temptation to peek at a file is very tempting.

In my experience as a sysadmin and mail administrator etc. I have been
asked about this several times, by people trying to understand the role
of a sysadmin in a large company in which some information is sensitive.

Without encryption it is not possible to "lock out" the sysadmin (or any-
one else with access to the hardware) from sensitive files.  Even with
encryption, frequently it was the sysadmin who set up the encryption
system and set the encryption passwords for the users.

However, my standard explanation is that a true professional sysadmin will
respect the company's confidential information as well as personal confi-
dential information in general, simply because we have way better things
to do than snoop through stuff that isn't ours.  (And if I didn't have
better things to do, then I would not be a true professional.)

I would have to be seriously bored to start thinking about looking
through files on the systems, most of which would not be of interest
anyway.  So far that has never happened...

--
Jim Ockers (ockers@ockers.net)
Contact info: please see http://www.ockers.net/

Fight Spam! Join CAUCE (Coalition Against Unsolicited Commercial Email)
at http://www.cauce.org/ .