On Fri December 2 2005 8:23 am, Matthew Miller wrote: > Beyond that, the name you pick doesn't really matter, since the power is in > uid/gid 0, not in the name. And, someone trying to break in other than > through password-guessing (which they won't even be able to try if you > block external root logins) won't care what the name is; they'll aim for > uid 0. (In fact, a common system-hacker thing to do is create a second > account with uid 0. This is getting at what I was trying to understand - This raises another question. A constant suggestion I've read is to block root logins and use sudo. If someone breaks in using my login/pw combo, what's to prevent them from using sudo to get root privileges? If they've hacked my username/password, then wouldn't sudo be the first thing they'd try, too? -- Claude Jones Bluemont, VA, USA
