Actually, the default of assigning the main user the *profile* of
Primary Administrator is the loophole that leads to what you're
describing. It's a known issue tracked under bug 4885:
http://defect.opensolaris.org/bz/show_bug.cgi?id=4885
Gary Gendel wrote:
On a side note...
Is there a good tutorial on why root as a role is better than root as an
account? I just can't seem to get my head around this. If someone has access
to my account, then they can use pfexec to do damage without even entering a
password. With a root account, disabled for remote login, I have at least one
more level of password protection using su.
Gary
_______________________________________________
opensolaris-discuss mailing list
[email protected]
