His comment struck me as very ironic – he said: “You know, I could flip a plane over and fly it into a mountain, but I can’t be trusted to brush my teeth during the flight.”

Kind of the same situation. The person who runs the storage has control of the world. Take the storage down, you could bring down hospitals, business, anyone really.

If they won’t give me root access to the host to verify the scripts I’m running, that’s actually *MORE* risk, not less. Because when I’m running a configuration script against the symm to de-present devices, the Symm doesn’t care if the device is in use, it’s going to mark it not-ready, unmap it from the front-end port, and if I’m dissolving the metavolume it will destroy the data.

The funny part is most of the people I work with won’t know what the script is doing, I could hand them a script to run to restore the box to a factory state and they wouldn’t know the difference.

But – I’m a professional and my job is to protect data, not to destroy it. I even make my customers sign a data-destruction letter any time I’m dissolving used (pre-owned?) devices, because I want them to understand exactly what it is I’m doing and what the risks are.

Im certain that more damage could be caused from these tools than from me logging on to the Unix servers. But hey, I wasnt about to run to the securoty guys and tell them that, as that would have meant I couldn’t do any work at all.

Funny thing was, much of the SAN kit still had default passwords for root access. Hmmmmmmm makes you wonder.

BTW we did change the default passwords

Point being, I was there for 4 months and still couldnt do my job properly, and I wasnt cheap either.