On Thu, 2005-10-27 at 00:54 +0100, Jonathan Rawle wrote: > Michael A. Peters wrote: > > > > > It's a known user ID on a system, and an incredibly powerful one. > > No one will have root access that doesn't have a regular user account as > > well, therefore, forcing remote root users to first log in as their > > regular user and then su to root prevents a known username that happens > > to be all powerful from being bute-forced. > > The only problem I've found with this is that X applications fail after > using su. But it's OK if you only need to use text-based admin tools. > I have never had an X app fail as a result of using su. Most of my admin stuff is done from an xterm window or a gnome terminal window. > -- > http://jonathan.rawle.org/ > >
