On Thu, Apr 25, Neal Gompa wrote:
Once you have an "admin user", you are allowed to not have a root user that you can log into. In my view, this is generally a good thing as it reduces the number of configured users that could be exploited.
As I did a research on this topic some months ago for another project: Most security experts do disagree with you. And even Ubuntu writes in their security documentation, that the sudo rules and not having a root user that you can log into is the weak spot in their security story and was not done for security reasons, but to avaoid that new users do everything as root and destroy their system by accident. So for supportability reasons. Thorsten -- Thorsten Kukuk, Distinguished Engineer, Senior Architect SLES & MicroOS SUSE Linux GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany GF: Felix Imendoerffer, Mary Higgins, Sri Rasiah, HRB 21284 (AG Nuernberg) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org