$count = @{[$_ =~ /$match/g]};
if($count > 0) {
$flag = 1;
}
}
close SBUFF;
if($flag == 1) {
"ssh $server -x -o batchmode=yes shutdown -r now"
}
}
Administration Level Security
Mac OS X Server can use another level of access control for added security.
Administrators can be assigned to services they can congure. These limitations are
enacted on a server-by-server basis. This method can be used by an administrator with
no restrictions to assign administrative duties to other admin group users.
This results in a tiered administration model, where some administrators have more
privileges than others for assigned services. This results in a method of access control
for individual server features and services.
For example, Alice (the lead administrator) has control over all services on a given
server and can limit the ability of other admin group users (like Bob and Cathy) to
change settings on the server. She can assign DNS and Firewall service administration
to Bob, while leaving Mail service administration to Cathy.
In this scenario, Cathy can’t change the rewall or any service other than mail. Likewise,
Bob can’t change any services outside of his assigned services.
Tiered administration controls are eective in Server Admin and the serveradmin
command-line tool. They are not eective against modifying UNIX conguration les
throughout the system. Protect UNIX conguration les with POSIX-type permissions
or ACLs.
Setting Administration Level Privileges
Mac OS X Server can use another level of access control for added security.
Administrators can be limited to specic services they can congure. These limitations
are enacted on a server-by-server basis. This method can be used by an administrator
with no restrictions to assign administrative duties to other admin group users.
This results in a tiered administration model, where some administrators have more
privileges than others for their assigned services. This results in a kind of access control
for individual server features and services.
74 Chapter 4 Enhancing Security
