Incoming from Aaron Seigo: > On October 5, 2004 9:02, s. keeling wrote: > > In some jurisdictions, doing what you're asking would open you up to > > accusations of complicity and legal action on the part of third > > parties attacked by your network. > > i'd be surprised if allowing remote root logins would create any sort of > resultant liability issues.
"In some jurisdictions ..." US tort law is broken. Any nitwit can drag you into court and sue you with few to no ramifications. At least here, the loser generally has to pay court costs. > ........................... in fact, it's probably easier for a cracker to .......................................^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > gain root once local to the box than it is to do so remotely using a password ..^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Is that not an argument in favour of forcing them to get a local account first?!? > attack. and it's not like they can't do a password attack if they log in as a > user. ... And if your root account is still intact, and you have enough smarts to watch the box and its logs, presumably you'll receive some notification that it's happening. If he has root, he can do it stealthily, and you'll only hear about it when someone complains. If you have any reasonable justifications to throw away good security practices, by all means, tell us. "It's a pain" is hardly in that category. -- Any technology distinguishable from magic is insufficiently advanced. (*) http://www.spots.ab.ca/~keeling - - _______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
