Mailinglist Archive: opensuse-security (396 mails)
| < Previous | Next > |
Re: [suse-security] Secure root alias logins
- From: Michael Heide <michael.heide@xxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 17 Jan 2003 00:15:21 +0100
- Message-id: <200301170015.21649.michael.heide@xxxxxxxxxxxxxxxxxxxxx>
> why not disable su and root/ssh completely and use sudo instead?
> sudo has a simple configuration file and lets system users issue
> commands as root. the commands are limited to those permitted in the
> configuration file.
for paranoids like you it is best to disable root complete except in boot-scripts.
disable su, root/ssh, sudo etc completely.
but even this system won't be 100% secure!
and if you want to (for example) install some new software you have to reboot (boot from cd or floppy)
greetings
Michael
--
Der süsse Pinguin ist mir lieber als die kleinen weichen, die einem nur kaputte Fenster verkaufen
> sudo has a simple configuration file and lets system users issue
> commands as root. the commands are limited to those permitted in the
> configuration file.
for paranoids like you it is best to disable root complete except in boot-scripts.
disable su, root/ssh, sudo etc completely.
but even this system won't be 100% secure!
and if you want to (for example) install some new software you have to reboot (boot from cd or floppy)
greetings
Michael
--
Der süsse Pinguin ist mir lieber als die kleinen weichen, die einem nur kaputte Fenster verkaufen
| < Previous | Next > |