Re: user with root priviledge

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Keven Ring said:
> *IF* one performs an "su -" from the prompt, there is a log of who
> logged in as root [will be one of john, bill, or sam].  *IF* one
> remotely logs in as root, then where they came from is logged [and by
> looking at who was logged on, could inform you which of john, bill, or
> same performed the dirty work].

Doesn't help if multiple users are logged and have ran "su -".  You only
get a log saying that they have ran su, not what commands they have
executed as root.

> OTOH, if rm -rf / is executed, as root, this will wipe the hard drive,
> including logs.....

That's why syslogd has a network logging function.

> [Note, I have performed this on a running system *on purpose* [it was
> going to be re-imaged anyway]].
>
> Note, also, that NFS mounts and such often require root password
> priviledges.  So, if john, bill, and sam all know root password, then
> you are setting yourself up for some bad situations.

Which is why automounting is usually set up.

-- 
William Hooper



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux