>
> --YjUCIDG0UL7zSTfa
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline
> Content-Transfer-Encoding: quoted-printable
>
> On Friday, June 09 2000, John Summerfield may have said:
>
> > > of getting a login shell for root. Logging in as root at a console
> > > (something you should never do,=20
> >=20
> > Why on earth not?
>
> In an environment with a lot of administrators, logging in directly as
> root gives no accountability for who did what. Having to log in first
> as a user and then su to root allows you to see who logged in at a
> certain time when foo was changed. Even in a single administrator
> situation, it is useful as you know that either a) both your password
> and root's password were compromised or b) you left a terminal sitting
> open that got hijacked.
Pshaw!!
By all means restrict root logins to those with physical access. RHL is
setup this way anyway. Anyone in a position to lay hands on the physical
hardware has all the access needed to do seriously bad things anyway.
I have no problems with stopping folk from logging in as root across a
network.
One of the great weaknesses of Linux is the need to be root to do so many
different things. Being root, one CAN do so many things...
--
Cheers
John Summerfield
http://os2.ami.com.au/os2/ for OS/2 support.
Configuration, networking, combined IBM ftpsites index.
--
To unsubscribe:
mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
