[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Re: Root user

To: <suse-security@xxxxxxxx>
Subject: Re: [suse-security] Re: Root user
From: "Steef de Bruijn" <steef.de.bruijn@xxxxxxxxxx>
Date: Wed, 9 Jul 2003 16:28:50 +0200 (CEST)
Delivered-to: mailing list suse-security@xxxxxxxx
Delivery-date: Wed, 09 Jul 2003 16:30:05 +0200
Envelope-to: suse@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Importance: Normal
In-reply-to: <oqisqb6bmm.fsf@xxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:suse-security-help@suse.com>
List-post: <mailto:suse-security@suse.com>
List-subscribe: <mailto:suse-security-subscribe@suse.com>
List-unsubscribe: <mailto:suse-security-unsubscribe-suse=archive.cert.uni-stuttgart.de@suse.com>
Mailing-list: contact suse-security-help@xxxxxxxx; run by ezmlm
References: <001001c34610$59214700$5b01a8c0@fnc001> <Pine.LNX.4.53.0307091351070.23375@xxxxxxxxxxxxxxxxxx> <oqisqb6bmm.fsf@xxxxxxxxxxxxxxxxxxxxxxxx>

I once read security articles which RECCOMENDED doing this. If you create
a second root account (plz name it something unusual, NOT root2 ;-) and
use this one yourself, you can disallow 'normal root acces' on services to
prevent security leaks. Also, IF someone gets through, you will notice
immediately in your logging...
-- 
Steef de Bruijn
=-->> Against HTML in e-mail and news

Francois Pinard wrote a long time ago...
> [Markus Gaugusch]
>
>> Although it IS possible to add another user with UID 0, it is not
>> recommended to do so for several reasons (and currently I'm too stupid
>> to find name one ... shame on me ;)
>
> I once used to have a `root' and a `root2', both having uid 0 in
> `/etc/passwd', and I used this for quite a while, and do not remember
> any adverse effect.  Oh, maybe that with `ls', `root2' created files
> will appear as owned by `root', but this never bothered me.
>
> So if someone was recommending me not to do so, I would be tempted to
> ask for some explicit, convincing justification.
>
> P.S. - `fou4s' has always been a little wonder.  Thanks for it! :-)
>
> --
> François Pinard   http://www.iro.umontreal.ca/~pinard



-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here

References:
- [suse-security] Root user
  - From: Chris Bek
- Re: [suse-security] Root user
  - From: Markus Gaugusch
- [suse-security] Re: Root user
  - From: Francois Pinard

Prev by Date: [suse-security] Re: Root user
Next by Date: [suse-security] Starnge situation, need help!
Previous by thread: [suse-security] Re: Root user
Next by thread: Re: [suse-security] Re: Root user
Index(es):
- Date
- Thread