[ILUG-BOM] a secure machine has a root password that doesnt work

Philip S Tellis philip@[EMAIL-PROTECTED]
Tue Oct 22 11:54:27 IST 2002


On Tue, 22 Oct 2002, Shankar Ramchandran wrote:

> That means that the ideal security configuration is that root is
> restricted from logging in to the machine remotely and locally.  All
> administrators should log in to the machine using unprivileged
> accounts and su to root. Thus the sulog will reflect which
> administrator has logged in and su'ed to the root account.

And having a root password that doesn't work does that how?  If the root 
password doesn't work, then you cannot even su to root.

I think the original statement may have been wrong.  The root password 
needs to work, it should however only be allowed from local terminals.  
In case of booting in single user mode, or if other user accounts become 
unusable, this is the only way of getting access to the machine.

-- 
Han Solo:
	Get in there you big furry oaf! I don't care what
	you smell!






More information about the Linuxers mailing list