edit root alias when installing the OS

Callum Lerwick seg at haxxed.com
Sat Jan 7 22:52:36 UTC 2006

On Thu, 2006-01-05 at 19:15 -0800, Michael A. Peters wrote:
> I can't speak for Ubuntu - but OS X has a root account.
> sudo su -
> and you are root.

Well any unix is not likely to get rid of root entirely, but you can
eliminate the password on the account and discourage its direct use.

> It weakens OS X because by default, every admin password is essentially
> a root password.

I'm not seeing a convincing argument as to why this is any worse than
every admin knowing the root password.

> In the early days it was *really* bad - as one could from a local
> account do nidump passwd . and then run it through jtr to crack weak
> admin passwords (and thus root the box). At least now they finally have
> some sort of shadow implemented to prevent that.

I don't see how weak passwords are sudo's fault.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20060107/376ef4c6/attachment.sig>

More information about the fedora-devel-list mailing list