Jesse P Schultz on Mon, 1 Jul 2002 15:40:17 +0200


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] log as root or not ?


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

christophe barbé wrote:


| My question is : Is there a good reason to avoid log in as root | directly when using a secured channel ?


Yes. Occassionally, we all get stupid. Whe you are root, stupid can really screw up the system. If you always log in as a normal user, then su to root, it helps you to not forget roots power.

Also, if you are interacting with the internet as root, via a browser or
~ email client, then a malicious site or email which you read or visit
can  do damage as root.  The biggist advantage of Linux/unix when using
the internet is the ability to safely do this as not root.

Even if you only have one system which you use as a work station, when
you transition to root, you put on your admin hat, you are not just a
user, you are the great and terrible admin and must have respect for
your own power.

This, of course, applys to both local and remote.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7-nullify-r3 (Windows 98)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE9IFOJK3KGHMBjApYRAlguAJ4uZZye2JzL8Edw3L9EyxU32BGrJgCgsrMB
i4u8a//L3UiBWGkk3xGfqJs=
=oP92
-----END PGP SIGNATURE-----


______________________________________________________________________ Philadelphia Linux Users Group - http://www.phillylinux.org Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce General Discussion - http://lists.phillylinux.org/mail/listinfo/plug