Tracy R Reed wrote: > Todd Walton wrote: > >The Future of SELinux > >http://securityblog.org/brindle/2006/08/24/the-future-of-selinux-or-how-we-are-going-to-take-over-the-world/ > > I agree with this 100%. We do need to get rid of the root user.
What wll that be replaced by? There are some things that a mere user cannot do. They cannot send raw packets. They cannot bind to port <1025. They cannot add users. They cannot write to the / directory. Do you want to grant every user that, or so finely grain control the system that each of these administrative tasks each require a separate authetication (read: a password for each task). > RedHat shouldn't even configure a root password. It should instead > configure a regular user password and give that user sudo. Guess what. Sudo uses the root user, for the most part. Sudo s a SUID root application. How is that going to work, when there is no root user? The problem with Red Hat is this: % grep :S: /etc/inittab zsh: exit 1 grep :S: /etc/inittab That means you boot into single user mode, and you don't even need a password to get in. A more reasonable system: % grep :S: /etc/inittab ~:S:wait:/sbin/sulogin > SE Linux is the technology we need to embrace if we really want to > avoid becoming a serious target for viruses and trojans like MS > Windows. This sounds like snake oil to prevent the sky from falling. I don't buy it. > A while back Michael Robertson said everything should run as root and > that if even if a user runs everything as his own UID and gets exploited > he can still lose everything in his homedir which is all that matters to > him. SE Linux can negate that argument as well. I disagreed with Michael when he said that. I also disagree with the counter argument: No privledged user should exist. They are both the same thing. If everyone is the same, then everyone is root. And what about single user mode? Who logs in, when there is no root? -john NB: I did not read the article. I have no idea what it says. I did search through it enough to see that it does not say to *remove* the root user, merely to make it powerless for login purposes. -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
