theoretical question - can root's username be changed?
Matthew Miller
mattdm at mattdm.org
Fri Dec 2 16:25:40 UTC 2005
On Fri, Dec 02, 2005 at 08:34:02AM -0500, Claude Jones wrote:
> This is getting at what I was trying to understand - This raises another
> question. A constant suggestion I've read is to block root logins and use
> sudo. If someone breaks in using my login/pw combo, what's to prevent them
> from using sudo to get root privileges? If they've hacked my
> username/password, then wouldn't sudo be the first thing they'd try, too?
Sudo is a compromise between convenience and higher security.
It's not as bad as you first think, though, provided you have a good solid
password, because many security flaws grant access to an account *withuout*
a password, so the attacker may not have that.
Also, since failed sudo attempts are logged, a careful attacker may avoid
trying it until a last resort, since if the compromised account *doesn't*
have sudo access, the admins will be tipped off.
--
Matthew Miller mattdm at mattdm.org <http://mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
More information about the fedora-list
mailing list