As far as "a system maintenance account" goes... this is simply an "ordinary-Joe userid" that you put on when you are maintaining applications on the system, in other words, stuff that you might put in /usr/local. It's where you keep notes and records about what you've done.

The system maintenance account might have sudo privileges, or more extensive ones. It might belong to groups that other users do not belong to, and when installing new software you newgrp to that group, temporarily giving yourself access to those locations (such as, for example, /usr/local). You see, now these areas are protected in two ways:

- You must explicitly log on to the maintenance account.
- While there, you must explicitly use newgrp.

And "the core system files, kernel-image and so on" are still read-only to you. By design, your role is expanded, but not unlimited.

It is exactly the same concept as "giving the accountant a private office." Even if there were only one person in your office, namely you, you might still "go into the accountant's office" to do accounting, then "lock the door behind you" when you're through, walking over to the next office to assume that role. It's simply using existing security facilities in a (self-)disciplined way. Someone who breaks into your office won't find that now all of the doors are unlocked: he can only get to the hallway and the break-room.

Really, we are applying the same "common sense ideas" that we use every day in our homes and offices to our computers. Even high-powered executives routinely do million-dollar work on personal computers with no thought given to very, very basic security. And automated scripts simply ferret them out. The scripts generally don't "try to break in"... they look for sitting ducks, and find them by the thousands.

The concept of Access Control Lists (ACLs) is very useful for fine-grained control, but that's beginning to get esoteric. Let's just say that "very fancy control-mechanisms do exist." The main goal to accomplish first is... simply... self-disciplined use of the ordinary Linux features, to make one's system "a little less than trivial (actually, a whole lot less than trivial)" to break into.
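The "maintenance account + private group + newgrp" arrangement described in the post, written out as an added example (not code from the original post or its author). It assumes a group named `localadm` and an account named `maint`; both names are placeholders. The setup function needs root and is not called; the check function works on any directory and reports whether it still carries the intended protection (owned by the maintenance group, group-writable with setgid, not world-writable), which is the thing to verify after every install.

```shell
#!/bin/sh
# Added example (not from the original post): the "maintenance account +
# private group + newgrp" arrangement, as a one-time setup function and a
# check you can run afterwards.
# Assumed names (not from the post): group 'localadm', account 'maint'.

# One-time setup; must be run as root. Not called below.
setup_maint_area() {
    dir=$1      # e.g. /usr/local
    grp=$2      # e.g. localadm
    acct=$3     # e.g. maint
    groupadd "$grp"
    usermod -aG "$grp" "$acct"       # only the maintenance account joins the group
    chgrp -R "$grp" "$dir"           # the tree belongs to that group ...
    chmod 2775 "$dir"                # ... group rwx + setgid so new files inherit it;
                                     # everyone else is read-only, root stays root
}

# Day-to-day use (typed interactively, so shown as comments):
#   $ su - maint          # or: sudo -i -u maint   -- explicitly "enter the office"
#   $ newgrp localadm     # explicitly pick up the group as the current primary group
#   $ id -gn              # -> localadm
#   ... install into /usr/local ...
#   $ exit; exit          # "lock the door behind you"

# Check: does a directory still match the intended protection?
# Returns 0 only if it is owned by group $2, group-writable with the
# setgid bit, and NOT world-writable.
check_maint_area() {
    dir=$1; grp=$2
    [ -d "$dir" ] || { echo "$dir: not a directory" >&2; return 1; }
    set -- $(ls -ld "$dir")          # fields: mode links owner group ...
    mode=$1; owner_grp=$4
    [ "$owner_grp" = "$grp" ] || { echo "$dir: group is $owner_grp, want $grp" >&2; return 1; }
    case "$mode" in
        d???rws?-?*) return 0 ;;     # group r/w/setgid present, world write bit clear
        *) echo "$dir: mode $mode, want group rws and no world write" >&2; return 1 ;;
    esac
}

# Stand-alone use: sh check.sh /usr/local localadm
if [ "$#" -eq 2 ]; then
    check_maint_area "$1" "$2" && echo "$1: OK"
fi
```

The mode pattern matches `drwxrwsr-x` (and the same mode with an ACL or extended-attribute suffix from `ls`); a directory that has drifted to `777`, or whose group has been changed, fails the check, which is exactly the "now all of the doors are unlocked" condition the post warns about.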