Currently i have an id called "wasadmin" to administer WebSphere . But this id is being used by developers also . We want to stop the developers from using this id (sharing the password) and instead use their own id, so that they have read access to log files and config files, and other websphere files. So i have created another id "wasdev". and took out the write permissions for "others" on all websphere files.
But i need the developer to use the "wasdev" id for deploying code also which will require write and execute permission. I know sudo is one solution where wasdev can sudo to wasadmin id .
Is there any other way of implementing where by "wasdev" cannot become wasadmin via sudo but still can deploy code . The OS is Sun Solaris 10.
Appreciate your inputs.