theoretical question - can root's username be changed?
Claude Jones
claude_jones at levitjames.com
Fri Dec 2 13:34:02 UTC 2005
On Fri December 2 2005 8:23 am, Matthew Miller wrote:
> Beyond that, the name you pick doesn't really matter, since the power is in
> uid/gid 0, not in the name. And, someone trying to break in other than
> through password-guessing (which they won't even be able to try if you
> block external root logins) won't care what the name is; they'll aim for
> uid 0. (In fact, a common system-hacker thing to do is create a second
> account with uid 0.
This is getting at what I was trying to understand -
This raises another question. A constant suggestion I've read is to block root
logins and use sudo. If someone breaks in using my login/pw combo, what's to
prevent them from using sudo to get root privileges? If they've hacked my
username/password, then wouldn't sudo be the first thing they'd try, too?
--
Claude Jones
Bluemont, VA, USA
More information about the fedora-list
mailing list