On Friday, December 13, 2002, at 06:22 PM, John McQuillen wrote:
Never ever ever ever have users with uid 0. That is the worst possible way to give an admin root access and you're absolutely asking for trouble. All it takes is for someone to brute that users password and you've happily handed them root access. At least if they need to su (and know root's password) or use sudo (leaving an audit trail), you're going to stop the vast majority of attacks (of that sort). Even having sudo ask you for your own password, as opposed to root's, is safer. Imagine you are uid 0 and you leave your workstation without a locked screen and logged in. Even if it's on a remote system (more's the better), if you've remained logged in, I've got root. Or imagine you use ssh keys and use something like keychain that doesn't ask for your passphrase. If you were using sudo to ask for your password, I'd only have access as you, or would have to find a local exploit to obtain root. If you just gave that user uid 0 with no checks or safeguards at all, you've just made my job *real* easy.Why would that be the best solution. Why is the difference?Sure, they should always log on with their usernames, but they shouldn't
The deal is is they will be able to login to all the RedHat servers with
their usernames and won't have to remember the root password for each one.
have root privileges unless they su to root.
Normal user accounts don't have root privs for a very good reason. You shouldn't even trust yourself with root privs on your user account. If your admins can't remember the root password, they shouldn't be administering the system, IMHO...
*Exactly*.
I wouldn't do that. Make root on each system different. Use sudo (without NOPASSWORD) to give users root access or, preferrably, give them root to what they need and only what they need. If they need something else later on, you can grant them access.Make the root password for all the systems the same, rather than upping unprivileged accounts to superuser status. You are just asking for trouble, IMNSHO.
--
MandrakeSoft Security; http://www.mandrakesecure.net/
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FE6F2AFD: 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD}
PGP.sig
Description: PGP signature
