Re: [root user] How to disable root account?
From: Maxim Vexler (hq4ever_at_gmail.com)
Date: 11/25/05
- Previous message: Andrew M.A. Cater: "Re: Debian 1.3.1 (Bo) ISO files"
- In reply to: Robert Brockway: "Re: [root user] How to disable root account?"
- Next in thread: d_at_jerkface.net: "Re: [root user] How to disable root account?"
- Reply: d_at_jerkface.net: "Re: [root user] How to disable root account?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 25 Nov 2005 13:33:34 +0200 To: Robert Brockway <rbrockway@opentrend.net>
On 11/25/05, Robert Brockway <rbrockway@opentrend.net> wrote:
> On Thu, 24 Nov 2005, Björn Lindström wrote:
>
> > passwd -l simply sets the password to a value matching no
> > passwords. sudo works by running SUID root, and so does not depend on a
> > root password in any way.
>
> Actually that depends on how sudo is configured. In some configurations
> sudo does depend on the root password (rather than the user a/c password)
> for authentication.
>
> Anyone wanting to lock the root account (not a good idea IMHO) should have
> a root enabled session (sudo, su or whatever) put to the side and not
> touched during the procedure. This session would be used only to reverse
> the procedure if it was found that establishing superuser privs was no
> longer possible in new sessions.
>
> Rob
>
> --
> Robert Brockway B.Sc. Phone: +1-416-669-3073
> Senior Technical Consultant Email: support@opentrend.net
> OpenTrend Solutions Ltd. Web: www.opentrend.net
> We are open 24x365 for technical support. Call us in a crisis.
>
In the worst case, couldn't someone just boot from a livecd, run
[passwd root], then [cat /etc/shadow | grep root] on the livecd and
finally simply copying that entry into the locked out system shadow
file ?
-- Cheers, Maxim Vexler (hq4ever). Do u GNU ?
- Previous message: Andrew M.A. Cater: "Re: Debian 1.3.1 (Bo) ISO files"
- In reply to: Robert Brockway: "Re: [root user] How to disable root account?"
- Next in thread: d_at_jerkface.net: "Re: [root user] How to disable root account?"
- Reply: d_at_jerkface.net: "Re: [root user] How to disable root account?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
