Re: [gentoo-dev] A policy to support random superuser account names

2010-05-04 Thread Mike Frysinger
On Monday 03 May 2010 03:31:08 Michał Górny wrote: On Sun, 2 May 2010 23:57:53 +0200 Enrico Weigelt wrote: * Alec Warner anta...@gentoo.org wrote: Except as stated they are not fixed (as Fabian pointed out). I'm happy to support something like setting ROOT_UID and ROOT_GID in

Re: [gentoo-dev] A policy to support random superuser account names

2010-05-03 Thread Michał Górny
On Sun, 2 May 2010 23:57:53 +0200 Enrico Weigelt weig...@metux.de wrote: * Alec Warner anta...@gentoo.org wrote: Except as stated they are not fixed (as Fabian pointed out). I'm happy to support something like setting ROOT_UID and ROOT_GID in gentoo-x86 profiles and using those. Then

Re: [gentoo-dev] A policy to support random superuser account names

2010-05-02 Thread Krzysztof Pawlik
On 05/02/10 16:13, Stefan Behte wrote: Hi, in some environments you have to rename root to something else, just to be compliant with a (maybe dumb) security policy. This might be the case for PCI, and as far as I remember, it is necessary (not just recommended) for a BSI Grundschutz

Re: [gentoo-dev] A policy to support random superuser account names

2010-05-02 Thread Stefan Behte
Hi, in some environments you have to rename root to something else, just to be compliant with a (maybe dumb) security policy. This might be the case for PCI, and as far as I remember, it is necessary (not just recommended) for a BSI Grundschutz certification (meaning something like basic security

Re: [gentoo-dev] A policy to support random superuser account names

2010-05-02 Thread Stefan Behte
02.05.2010 17:23, Krzysztof Pawlik wrote: Interesting... to me that's not only stupid but also kinda useless - there's no difference between brute-forcing a password for user named 'foo' or 'root' - user name doesn't matter much. It's better to disable password-based remote login altogether

Re: [gentoo-dev] A policy to support random superuser account names

2010-05-02 Thread Enrico Weigelt
* Alec Warner anta...@gentoo.org wrote: Except as stated they are not fixed (as Fabian pointed out). I'm happy to support something like setting ROOT_UID and ROOT_GID in gentoo-x86 profiles and using those. Then if you want to do something utterly ridiculous to your system you can just

Re: [gentoo-dev] A policy to support random superuser account names

2010-05-02 Thread Enrico Weigelt
* Krzysztof Pawlik nelch...@gentoo.org wrote: Interesting... to me that's not only stupid but also kinda useless - there's no difference between brute-forcing a password for user named 'foo' or 'root' - user name doesn't matter much. Actually according to my ssh logs attackers usually

Re: [gentoo-dev] A policy to support random superuser account names

2010-05-02 Thread Enrico Weigelt
* Stefan Behte cr...@gentoo.org wrote: in some environments you have to rename root to something else, just to be compliant with a (maybe dumb) security policy. This might be the case for PCI, and as far as I remember, it is necessary (not just recommended) for a BSI Grundschutz certification

[gentoo-dev] A policy to support random superuser account names

2010-04-30 Thread Michał Górny
Hello, I would like to put an emphasis on the fact that many eclasses and ebuilds in gx86 are relying on an assumption that the superuser account is always supposed to be named 'root'. In fact, no such constraint exists. Although most users will never even think of changing the superuser account

Re: [gentoo-dev] A policy to support random superuser account names

2010-04-30 Thread Fabian Groffen
On 30-04-2010 20:07:26 +0200, Michał Górny wrote: In my opinion, that policy should clearly indicate that the numeric UID/GID should be always used for referencing the superuser account as they are fixed unlike the names. Just to complicate matters a bit, there are platforms where the

Re: [gentoo-dev] A policy to support random superuser account names

2010-04-30 Thread Alec Warner
On Fri, Apr 30, 2010 at 11:07 AM, Michał Górny gen...@mgorny.alt.pl wrote: Hello, I would like to put an emphasis on the fact that many eclasses and ebuilds in gx86 are relying on an assumption that the superuser account is always supposed to be named 'root'. In fact, no such constraint

Re: [gentoo-dev] A policy to support random superuser account names

2010-04-30 Thread Alec Warner
On Fri, Apr 30, 2010 at 11:07 AM, Michał Górny gen...@mgorny.alt.pl wrote: Hello, I would like to put an emphasis on the fact that many eclasses and ebuilds in gx86 are relying on an assumption that the superuser account is always supposed to be named 'root'. In fact, no such constraint