On Tue, Sep 29, 2009 at 11:51 AM, John Aldrich <[email protected]> wrote: > I believe that Ubuntu will NOT allow the admin user to log in by default ...
Ubuntu does not assign the "root" account a password during install. That means "root" cannot login. However, the first user (created during install) is automatically granted sudo privileges to run any command. Thus, "sudo -i" will give you a root shell. Kind of like RUNAS on Windows, except it actually works right for almost everything. :) And if you "sudo passwd root", you can assign the root account a password and login. > I believe Fedora will let the local admin log in all day long. Fedora doesn't stop you from logging in as "root". Fedora does, however, prompt you to create a regular user account during install, and leads you down that path fairly strongly. It's done that since day one. The real difference here is not the security model (they're very similar) but the history. Unix has been multi-user since day one, and pretty much everything expects it. While there are admins who spend too much time at the root prompt, it's almost always because they're lazy, not because they have software that doesn't work unless they do that. While there are plenty of single-terminal workstations, they're functionally identical to a multi-user system. In contrast, the Microsoft world started with a "wide open" and "single user" mentality, and still suffers from that mindset today. To their credit, Microsoft's has gotten a lot better, but it's still often a case of "we expect a single user, but allow for more than one". And the third-party application landscape -- which is, after all, the big reason for running Windows -- is a total crap-shoot. Way too much stuff doesn't run properly through RDP or RUNAS, or without admin rights, or gets confused by multiple users. So there's nothing *technically* keeping Windows from behaving well, but most Windows admins are still going to end up spending time dealing with these issues. It's depressing. Unix is completely different. In Unix land, we have a completely different set of depressing issues. ;-) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
