On Thu, Dec 01, 2005 at 11:16:58PM -0500, Claude Jones wrote: > must go on to get at root's privileges, by changing his username. What is > the advantage of every Linux system having this same user, 'root'? I make > it a point when securing a Windows server of always deleting the > administrator account and creating a new account with membership in > administrators for administration purposes. Why is that concept flawed, or > feeble, as you put it? It pretty much goes downhill from there with > Windows, but, I see nothing wrong with that particular feature. For this reason, I prefer to make it so the root account doesn't allow ssh logins, or even restrict logins to a given set of users -- edit /etc/ssh/sshd_config (see old threads here for details). Beyond that, the name you pick doesn't really matter, since the power is in uid/gid 0, not in the name. And, someone trying to break in other than through password-guessing (which they won't even be able to try if you block external root logins) won't care what the name is; they'll aim for uid 0. (In fact, a common system-hacker thing to do is create a second account with uid 0. -- Matthew Miller mattdm@xxxxxxxxxx <http://mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/>
