On Mon, Oct 30, 2006 at 06:58:03AM -0400, frank claessen wrote: > Edubuntu asks for one user only and that is an administrative user. For > security reasons I don;t think this is a good idea.
Why not? How is this inherently less secure than a root account? By creating an initial priveleged user, that executes commands via the sudo command, you have better, fined grain control. For starters, anything issued via the sudo command is logged. Not so for a root login. As well, it more directly ties admin privs to a real userid, as opposed to the nebulous "root" account. In addition to this, every external hacker knows that any unix-like box has a "root" account, and so, it's frequently the subject of brute-force password attacks. Leaving this account disabled by default eliminates this worry. There's an entire wiki page documenting all these reasons, at the Ubuntu site. You might want to check it out. > Later on you can > change the password for the root account while being logged an as the > user that was created during installation ?!?!!!! Sure, it's still Linux, and there's nothing to stop a knowlegeble admin who's used to the old idea of an enabled root account from simply adding the password. The idea here is to *ship the OS in a default secure state*. There's nothing stopping me from creating users with empty passwords either. Or enabling writable anonymous FTP sites. Or installing the old rsh style commands. Nothing *STOPS* you from making your system *LESS* secure. That's the admin's choice. > Unbelievable!! How so? > Would like to know what others think about this. I would prefer the way > of the other distro's The key phrase in your email is "..other distros...". Other distros do it the traditional way. Ubuntu is doing something new, which has been proven to be no *less* secure than the old way, and certainly, one command post install (sudo passwd root) gets you "the old way" that you seem to like. Seems like an easy solution to me. Scott -- Scott L. Balneaves | "Looking beyond the embers of bridges glowing behind us Systems Department | To a glimpse of how green it was on the other side..." Legal Aid Manitoba | -- Pink Floyd "High Hopes" -- edubuntu-devel mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/edubuntu-devel
