Joey Hess <[EMAIL PROTECTED]> writes: > Nicolás Lichtmaier wrote: > > Your point is so obvious. duh... how did I miss that? > > Of course that cracking bin would be like cracking root...! > > This is not an issue if > > a) bin has no passowrd so people cannot log in as bin > and > b) nothing on the system is suid bin
There is at least one way in which root is less vulnerable than bin to cracking. If your machine has files exported via NFS with root_squash, then somebody who cracks root on a client machine can modify files owned by bin on your machine, but not files owned by root. There may be other similar security measures aimed at protecting root in particular. Carl Witty
