Mailinglist Archive: opensuse-security (359 mails)

< Previous Next >
Re: [suse-security] Re: Root user
  • From: Adam Schmidt <securitylist@xxxxxxxxxxxxxx>
  • Date: Wed, 9 Jul 2003 13:16:14 -0700
  • Message-id: <200307091316.14157.securitylist@xxxxxxxxxxxxxx>

Simple solution.

echo "root2::0:0:inetd:/home/dir:/bin/bash" >> /etc/passwd
passwd root2
and set the password


On Wednesday 09 July 2003 14:13, Steffen Dettmer wrote:
> * Francois Pinard wrote on Wed, Jul 09, 2003 at 10:03 -0400:
> > I once used to have a `root' and a `root2', both having uid 0 in
> > `/etc/passwd', and I used this for quite a while, and do not remember
> > any adverse effect.
>
> What does this help? It would be interesting to know, "what
> root" e.g. changed or created a file, but as you stated, this is
> not possible this way. I think this may introduce some confusion
> (without any positive effect I can see) - which I would not
> recommend. Maybe this is a reason: KISS (keep it simple, stupid)
> is a little violated by such a configuration (which I would call
> uncommon and missleading, maybe).
>
> If you what to have multiple people to access this accout, a
> shared password should be OK, because root can easily install
> local password sniffing by replacing /bin/login or something.
> Even strace should be sufficient for this. In this case SSH Keys
> help, because even root cannot compromise the secret key of the
> connecting client AFAIK.
>
> oki,
>
> Steffen


< Previous Next >
Follow Ups