I agree with Colin, ftoomsh is going to be used for a learning experience.
If we start to get worried about what sys admins are going to be doing and
logging every command then I think the learning experience will be lessened.
Peter's concern was that since C2 has been installed, anyone with root's
passwd can see all the users passwds unencrypted, and if users were to use
the same passwd on the other SoCS machines as they do on Ftoomsh then any
sys admin could find out other users passwds for the SoCS machines.
Just tell users to select a different passwd to the one they have on the
other SoCS machines. If they do not do this it is their fault.
The matter of trust steps in here and I think we could trust sys admins not
to go looking for other users passwds.
Jimmy and Sbg, what do you think since the decision will most likely be left
to you guys in the end?