Raul Miller wrote: > > They don't touch the root account. Instead, they clone > > it as sashroot and set the shell on the cloned account. > > > > This is mentioned in the package description.
On Sun, Sep 19, 1999 at 03:39:30PM -0700, Joey Hess wrote: > I suppose you have considered the security problems, if root forgets > to change that password when they change the main root one? Yes I did. There's not a lot I can do about this beyond advising the sysadmin that it's a good idea. It might be a good idea to write a tool to automate this reminder [Perhaps generalizing it so that if one instance of a uid has its password changed and other instances do not change the account that got changed will get a mail message suggesting that the other accounts get changed.] But I've not undertaken this project, at least not yet. I want to get sash right first. [There's still some subtle issues that I think I can handle better. See bugs.debian.org/sash for details.] -- Raul