Re: [SLE] setting multiple user id to 0 (zero) is bad ! Why?
Thanks Ken but I doubt anyone would hack the box, It isn't online as in the internet, 99% of the PCs are standalone, and only dial directly into our server which is hosted by us . You would need to their phone number which most of them don't even know, and then you would need the root passwd, and all the accounts have pretty good passwds. And I doubt that there are people in SA who sit behind a modem and randomly dial number to see if there is a modem on the other side. I guess the fact that the new systems which I have done , and which are working properly compared to the existing ones, will eventually prove my point. Cheers On Thursday 30 June 2005 14:32, Ken Schneider wrote:
Replying off list.
Have someone hack into their box and find out how fast they change their tune.
On Thu, 2005-06-30 at 09:53 +0200, Chadley Wilson wrote:
Greetings,
Friends, I am in a situation with my one clients who use - (Yes that one again!!), uucp.
Now their previous techies set all the user id's for the system to 0 (zero) Oh! and all the GID's as well. Now I have come in and had to fix this, but I get resistance.
I have only one good reason why not to right now,
with uucp on one site all the files are transfered but not removed from the queue, only when I set the user id to 14 (IIRC) and the GID to 512, and of course changed all the on the relevant configs and files, would it clean the remote queue. This reason however has been flawed as we have other sites that work properly with all the UID's and GID's set to 0 (zero).
I need more reasons, explaining how this affects the system integrity, and functionality, the trick here is they don't give two hoots about the security aspect. So to win my case professionally and cleverly, I ask for real opinions and reasons.
Could you please assist.
-- -- Chadley Wilson Production Line Superintendant Pinnacle Micro Manufacturers of Proline Computers ==================================== Exercise freedom, Use LINUX =====================================
-- -- Chadley Wilson Production Line Superintendant Pinnacle Micro Manufacturers of Proline Computers ==================================== Exercise freedom, Use LINUX =====================================
participants (1)
-
Chadley Wilson