----- Original Message ----- From: "Gerald Waugh" <[EMAIL PROTECTED]>
> <snip> > > > > I think you'd still have a security hole. While I prefer separate > > passwords for admin and root, there's no easy way to do that >> on the RaQ. > How difficult is it to ssh into the RaQ and issue > su - > prompt password: enter admin/root password > passwd root > prompt for password: enter new root password > prompt for password: enter new root password > You now have different passwords for admin - root > <snip>-- *IF* a hakker has the root password, yer box is owned. If they get the admin password, they go to the GUI and change the admin password which changes the root pass to match and your still screwed. I'm still looking for the benefit of having separate passwords on the Raq? I assumed this is why Jeff said 'no easy way' to do this on a Raq? Max a.k.a Dave~ who changed his sig. since there seems to be many Daves here... _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
