On Fri, 2005-12-02 at 08:47 +0200, Markku Kolkka wrote: > Claude Jones kirjoitti viestissään (lähetysaika perjantai, 2. > joulukuuta 2005 06:16): > > Why the word 'feeble'? If everyone in the > > Linux world knows that the chance is good that there is a user > > called 'root' on any given Linux box, and that user has nearly > > unrestrained privileges, why would it be feeble to double the > > guessing that must go on to get at root's privileges, by > > changing his username. > > Because the privileges are bound to UID=0, not to any particular > username. Changing the username doesn't add security in any way > because root exploits try to change the effective UID to 0 or > try to change the operation of a process already running at UID > 0. > The privileges are given to UID 0, but many things depend on the name as well so it becomes very difficult to remove the username. As long as the administrator uses strong passwords by default, changes them periodically (some say frequently), and restricts remote access to that account it is reasonably secure to have the root user there. Changing the username would add some small amount of security because then the password hacks would fail with the root account. The exploits that depend on the UID though would not be affected in any way by removing the root user. > -- > Markku Kolkka > markku.kolkka@xxxxxx >