Tracy R Reed wrote:
Todd Walton wrote:
The Future of SELinux
http://securityblog.org/brindle/2006/08/24/the-future-of-selinux-or-how-we-are-going-to-take-over-the-world/
I agree with this 100%. We do need to get rid of the root user. RedHat
shouldn't even configure a root password. It should instead configure a
regular user password and give that user sudo. All of the new servers I
If you don't configure a root password, obviously that will prevent one
from logging in as root. But would it prevent one from "sudo su -"? I
mean, not configuring root's password wouldn't actually prevent root's
account from existing, would it?
Is there much of a difference between logging in as root and becoming
root via "sudo su -"? (I realize that the latter will be logged
somewhere showing who "became" root and that the former cannot show who
logged in as root.)
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
