What I HATE about F11
Krzysztof Halasa
khc at pm.waw.pl
Sun Jun 14 21:58:18 UTC 2009
Richard Fearn <richardfearn at gmail.com> writes:
>> Who says the first created user is root-equivalent?
>
> It wouldn't be root-equivalent. You have to explicitly use sudo, and
> enter your password when you do use it. It's not the same as a root
> prompt.
It is from a security person POV.
If an attacker compromises your non-root account, and if you use sudo or
whatever to "switch" to root then root as compromised as well, password
or no password. You have to use a secure terminal and a secure "path" to
the root session to be really secure.
--
Krzysztof Halasa
More information about the fedora-devel-list
mailing list