Sander van Vugt wrote:
I'm sorry to be a pain-in-the-ass, but if I understand it correctly, the only downside of being logged in as root, is that I might be sleepy and do something stupid to myself. I still don't see the security risk in relation to potential hackers, like there was, for example in Netware 3.11.
Depends. 1) You leave yourself logged in and go for lunch. Somebody walks in and uses the machine. 2) Somebody breaks into your user account. Since you have a different password for the root account they don't get anywhere but if your user account has full root privileges? 3) Someone replaces ls,rm,df,more,less pick your favorite command with something nasty. You don't even need to replace the ones in /bin. You just put the fake ls command into a dir that you think the sysadmin will trip over. Say you know the sysadmin will get upset about all your diskuse and will come a do a ls in your home directory. If the persons path includes . higher then /bin they will use the one in . Thats just off the top of my head. I'm sure somebody else will come up with better examples. Nick -- -------------------------------------------------- Nick Zentena "Microsoft has unjustifiably jeopardized the stability and security of the operating system." U.S. District Judge Thomas Penfield Jackson Nov 5/1999 -------------------------------------------------- -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/