23 Jan
2003
23 Jan
'03
22:15
On Fri, 17 Jan 2003 keith.anthony.roberts@bigfoot.com wrote:
Surely it would be more difficult for any attacker to break into Linux if they did not know the username for the root account?
just one more command necessary: /bin/cat /etc/passwd and soon I'll see which username is used for UID 0, that's it. have not followed all replies in detail, but root is just a name, i.g. you may replace it by any other valid username. In theory it will work, in praxis you'll have problems with some programs (in particular those which use root as username instead of UID 0). Things might get more complicated for attackers if you use for example LDAP as authentification, there it's not that simple to get valid usernames. Achim