An anonymous reader writes: Practically every computer system appears to be at the mercy of at least one individual who holds root or whatever other superuser identity can destroy (or subvert, etc.) that system. Each application on a system has the same weakness. However, making a system require multiple individuals for any root operation (think of the classic two-keys to launch a nuke) has shortcomings: simple operations sometimes require root, and would be enormously cumbersome if they needed a consensus of administrators to execute. There is the idea of a Distributed Administration Network, which is like a cluster of independently-administered servers, but this is a limited case for deployment of certain applications... and anyway it is still presumably vaporware. Are there more sweeping yet practical solutions out there for avoiding the weakness of a singular empowered superuser?