What is Privilege Manager for Unix?
Privilege Manager for Unix allows system administrators to safely share the power of root and other important accounts by partitioning them among users in a secure manner. System administrators can specify the circumstances under which users may run certain programs as root (or other privileged accounts).
The result is that responsibility for such routine maintenance activities as adding user accounts and fixing line printer queues can be safely assigned to the appropriate people without disclosing the root password. The full power of root is thus protected from potential misuse or abuse, reducing the risk of system administrator error or misuse (for example, modifying databases or file permissions, erasing risks, or more subtle damage).
Furthermore, the product is capable of selectively recording all activities involving root, including all keyboard input and display output, if required. This indelible audit trail, combined with the safe partitioning of root functionality, provides an extremely secure means of sharing the power of root. A replay utility is provided to allow recorded sessions to be viewed at a later date. Privilge Manager for Unix can also require a checksum match before running any program, thereby guarding against virus or trojan horse attack on important accounts.