Re: theoretical question - can root's username be changed?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Dec 02, 2005 at 08:34:02AM -0500, Claude Jones wrote:
> This is getting at what I was trying to understand - This raises another
> question. A constant suggestion I've read is to block root logins and use
> sudo. If someone breaks in using my login/pw combo, what's to prevent them
> from using sudo to get root privileges? If they've hacked my
> username/password, then wouldn't sudo be the first thing they'd try, too?

Sudo is a compromise between convenience and higher security. 

It's not as bad as you first think, though, provided you have a good solid
password, because many security flaws grant access to an account *withuout*
a password, so the attacker may not have that.

Also, since failed sudo attempts are logged, a careful attacker may avoid
trying it until a last resort, since if the compromised account *doesn't*
have sudo access, the admins will be tipped off.

-- 
Matthew Miller           mattdm@xxxxxxxxxx          <http://mattdm.org/>
Boston University Linux      ------>              <http://linux.bu.edu/>


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux