Hi,
There has been a lot of discussion about changing the root password to let
it differ from the admin password. The mean argument was: when they got the
admin password, they won't have the root password. The argument against this
was: when the got the admin password, the can change it in the GUI, which
changes the root password as well.
In /usr/lib/perl5/site_perl/5.005/Cobalt/User.pm, in the sub user_mod, there
is this loop:
##
while (<PASSWD>)
{
if (/^$Adminuser:/o)
{
print PTMP "$name:$pass:$uid:$gid:$desc:$dir:$shell\n";
}
elsif (/^root:/o)
{
print PTMP "root:$pass:0:0:Root:/root:/bin/sh\n";
}
else
{
print PTMP;
}
}
##
By commenting out the line starting with
print PTMP "root:
I will make sure the root password will not change when I change the admin
password in the GUI.
I can only come up with 2 reasons why this is a bad idea:
- locking out if root password forgotten.
- warranty-issues (well...)
My questions:
- Are there more arguments against doing this?
- Will the button on the frontpanel still work, as to reset the root
password? Or is this only for admin?
Thanks,
Jelmer
-----------------------------------------------------------------
Jelmer Jellema - Spin in het Web
www.spininhetweb.nl
Spin in het Web: Alle Touwtjes In Handen
-----------------------------------------------------------------
Spin in het Web is de producent van:
www.visinhetnet.nl: Niet Het Laatste Nieuws
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
