> From: Graeme Robinson [mailto:[EMAIL PROTECTED]]

> Not that we ever use the root account for remote administering do
> we?    

        To remotely log in as root?  No; I connect as a user and then su.

> One of the first things you will do in setting up a server is
> create a user account for yourself, set the shell for your account
> to /bin/bash and then give your account equivalent root sudo
> privileges in /etc/sudoers.  

        I'd agree with the first two steps, but the third seems like you'd
be back to the equivalent of just logging in as root.  A little
better, I guess, as an attacker would need to know what account to try
to crack, but once they're in, it's just a matter of 'sudo rm -rf /'.
If you have to su, you also need the root password.  Of course, it's
entirely possible I'm missing something.

-- 
Dan Brown, KE6MKS, [EMAIL PROTECTED]
"Since all the world is but a story, it were well for thee to buy the
more enduring story rather than the story that is less enduring."
 -- The Judgment of St. Colum Cille 
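
An added example, not part of the original message: a small audit that lists which accounts hold the root-equivalent sudo grant discussed above, and whether the password prompt is waived for them. The sample sudoers text, the account names and the function name are constructed for illustration; only simple one-line rules are parsed (no aliases, includes or line continuations).

```python
import re

# Constructed sample, not taken from any real server.
SAMPLE_SUDOERS = """\
# constructed example
Defaults env_reset
root    ALL=(ALL) ALL
graeme  ALL=(ALL) ALL
dan     ALL=(ALL) NOPASSWD: ALL
backup  ALL=(root) /usr/bin/rsync
%wheel  ALL=(ALL:ALL) ALL
"""

# who  hosts = (runas) commands
RULE = re.compile(
    r"^(?P<who>\S+)\s+(?P<hosts>[^=\s]+)\s*=\s*"
    r"(?:\((?P<runas>[^)]*)\)\s*)?(?P<cmds>.+)$"
)
SKIP = ("#", "Defaults", "User_Alias", "Runas_Alias", "Host_Alias", "Cmnd_Alias")


def root_equivalent_grants(text):
    """Return (who, nopasswd) for every non-root entry that may run ALL as root."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(SKIP):
            continue
        m = RULE.match(line)
        if not m or m["who"] == "root":
            continue
        # With no (runas) part, sudo runs the command as root.
        runas_users = (m["runas"] or "root").split(":")[0]
        runas = {u.strip() for u in runas_users.split(",")}
        cmds = m["cmds"]
        nopasswd = "NOPASSWD:" in cmds
        # Drop tags such as NOPASSWD: before looking at the command list.
        commands = {c.strip() for c in re.sub(r"\b[A-Z_]+:\s*", "", cmds).split(",")}
        if "ALL" in commands and runas & {"ALL", "root"}:
            findings.append((m["who"], nopasswd))
    return findings


if __name__ == "__main__":
    for who, nopasswd in root_equivalent_grants(SAMPLE_SUDOERS):
        print(f"{who}: full root via sudo, password prompt {'waived' if nopasswd else 'required'}")
```
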
