Mailinglist Archive: opensuse-security (359 mails)

< Previous Next >
Re: [suse-security] Re: Root user
  • From: "Steef de Bruijn" <steef.de.bruijn@xxxxxxxxxx>
  • Date: Wed, 9 Jul 2003 16:28:50 +0200 (CEST)
  • Message-id: <34285.159.46.248.220.1057760930.squirrel@xxxxxxxxxxxxxxxx>
I once read security articles which RECCOMENDED doing this. If you create
a second root account (plz name it something unusual, NOT root2 ;-) and
use this one yourself, you can disallow 'normal root acces' on services to
prevent security leaks. Also, IF someone gets through, you will notice
immediately in your logging...
--
Steef de Bruijn
=-->> Against HTML in e-mail and news

Francois Pinard wrote a long time ago...
> [Markus Gaugusch]
>
>> Although it IS possible to add another user with UID 0, it is not
>> recommended to do so for several reasons (and currently I'm too stupid
>> to find name one ... shame on me ;)
>
> I once used to have a `root' and a `root2', both having uid 0 in
> `/etc/passwd', and I used this for quite a while, and do not remember
> any adverse effect. Oh, maybe that with `ls', `root2' created files
> will appear as owned by `root', but this never bothered me.
>
> So if someone was recommending me not to do so, I would be tempted to
> ask for some explicit, convincing justification.
>
> P.S. - `fou4s' has always been a little wonder. Thanks for it! :-)
>
> --
> Fran├žois Pinard http://www.iro.umontreal.ca/~pinard



< Previous Next >