Mailinglist Archive: opensuse-security (228 mails)

< Previous Next >
Problem with second user with uid 0?
  • From: Frank Steiner <fsteiner-mail@xxxxxxxxxxxxxx>
  • Date: Thu, 10 Mar 2005 10:52:48 +0100
  • Message-id: <423018F0.9070306@xxxxxxxxxxxxxx>
Hi,

are there any security (or other) problems when having a second user
with uid 0?
We would like to mainain a user "rootid" which has uid 0 and should
be used for normal users logging in as root when the admin (me) is
e.g. on holidays and sth. fails and needs to be repaired. For this,
we have sealed envelopes with the root passwords which some users
can open to get the password (the boss wants it like that).

To avoid changing "my" root password afterwards, users should get the
password for "rootid" and work with that account. After my return,
I would just have to change the rootid password and could still work
with my normal root password. "sudo" etc. is not a real solution,
because users might need to login during boot when fsck fails. And
then you need a root password and no sudo etc.

Are there any problem with such a setup? Of course the rootid account
must be protected the same way the root account is.

In a first test, I could do anything with the rootid user, but I'm not
sure if there are any security traps that I don't recognize...

cu,
Frank


--
Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/
Lehrstuhl f. Bioinformatik Mail: http://www.bio.ifi.lmu.de/~steiner/m/
LMU, Amalienstr 17 Phone: +49 89 2180-4049
80333 Muenchen, Germany Fax: -4054
* Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. *

< Previous Next >