Alexander John Batyi on Thu, 14 Oct 1999 10:14:12 -0400 (EDT)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [Plug] root user


> Bottom line, never do this. 

My bottonm line is that I have been doing this for 15 years.
I administer machines that are NOT on the internet and there
was no sudo or at least programs like that were considered
a security risk and having multiple administrators was a
must have.  I educated them (UID0 users) to change their
passwords frequently.  This eliminates coordination requirements
and allows faster responce to problems needing root intervention.
The guy who asked the question only asked how to make a user have
root privs and gave no explanation so I only directly
answered the question he asked and did not assume anything.

If you have a machine ON the net then of course do not log on to
ANY account or even su to an account that can get
root priv via sudo or ANY OTHER MEANS.
A sniffer can get the password for accounts with sudo priv as easily as
another root priv account.  sudo gives you MAYBE a false sense of
security but solves no security problems.


_______________________________________________
Plug maillist  -  Plug@lists.nothinbut.net
http://lists.nothinbut.net/mail/listinfo/plug