Home | Content | Search | Navigation | Indexes
 

Mailinglist Archive: opensuse (3394 mails)

< Previous Next >
Re: [SLE] Making yourself have root permissions
  • From: sander.van.vugt@xxxxxxxx (Sander van Vugt)
  • Date: Tue, 7 Mar 2000 16:50:01 +0100
  • Message-id: <010d01bf884c$d749e720$65bfa8c0@xxxxxxxx>



> LOL; perhaps it's not as simple as making a connection to the box and
walking
> in `the front door', as Jerry put it, but it's certainly unwise. Anyway,
why
> are you asking? Why would you log in as root unless you are doing
> *system*administration*? The root account (AKA Super User account) is
*ONLY*
> for system administration when a privelaged user is not enough. Any time
you
> use the root account, you're asking for real trouble, with or without an
> Internet connection.

You're perfectly right when you say that you only have to log in as root to
do system administration, I totally agree, but the reason I am asking is
that some people say you make it easy for a cracker to abuse your system
when you are logged in as root and I have never heard any reasons why
exactly that is so. Yes, I know you can do some really stupid things to your
own system when you have to many rights on it, but it simply seems like a
*myth* that my system is easier to hack when I'm logged in as root, so
please, if it can be done, give me examples of *how* my system can be hacked
then.

As for why I'm asking? I consider Linux a good and secure system (if
configured the right way), and I really like to know about weak point. Being
logged in as root which gives more opportunities for the hacker seems a weak
point to me. Luckily, I didn't hear anyone explain as for now where exactly
this weak point exists and how a hacker can abuse it.

Sander

**********************************************************************
Disclaimer

This email is confidential and intended solely for the use of
the individual to whom it is addressed. Any views or opinions
presented are solely those of the author and do not
necessarily represent those of the Azlan Holdings bv and/or
subsidiary. If you are not the intended recipient, be advised
that you have received this email in error and that any use,
dissemination, forwarding, printing, or copying of this email
is strictly prohibited.

If you have received this email in error please notify
Azlan Holdings MIS Helpdesk by telephone on
+31 (0) 79 3443200.

**********************************************************************


--
To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/


< Previous Next >
Follow Ups
References