Re: theoretical question - can root's username be changed?



On Fri, 2005-12-02 at 08:34 -0500, Claude Jones wrote:
> On Fri December 2 2005 8:23 am, Matthew Miller wrote:
> > Beyond that, the name you pick doesn't really matter, since the power is in
> > uid/gid 0, not in the name. And, someone trying to break in other than
> > through password-guessing (which they won't even be able to try if you
> > block external root logins) won't care what the name is; they'll aim for
> > uid 0. (In fact, a common system-hacker thing to do is create a second
> > account with uid 0.
>
> This is getting at what I was trying to understand -
> This raises another question. A constant suggestion I've read is to block root
> logins and use sudo. If someone breaks in using my login/pw combo, what's to
> prevent them from using sudo to get root privileges? If they've hacked my
> username/password, then wouldn't sudo be the first thing they'd try, too?

You are correct in that. That is also the reason the suggestions are
very strong that all users must have strong passwords, and that users
have different passwords on different servers.

Script kiddies can easily use the root account to try and hack in
because of the known name. It is a little harder to identify another
user and try to hack in that way, but even if they succeed with a normal
user account it also still means they need another method to get root
privileges.
This means that breaking in with a regular user account does not give
them root access directly.

Sudo is one quick way to allow them the root access and as such even
limited commands should be restricted to only those users that actually
need it and that also use strong passwords.

Security is not a single shell which opens up everything with a single
crack, but rather layers that all working together do the job.

> --
> Claude Jones
> Bluemont, VA, USA
>

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list



Relevant Pages

  • Re: audacity export wma format[1 more question]
    ... default now comes with sudo enabled. ... The user either chooses to enter a root password and also a user ... install time only a user account and user password is input, ... So whether it is set up after an install ...
    (Debian-User)
  • Re: [OT] Debian mailinglists [was: RE: Debian or Ubuntu?]
    ... There isn't many times that I want to run *a* command as root. ... and suing to root is functionally identical thus sudo is not needed. ... Also the matter of passwords is moot. ...
    (Ubuntu)
  • Re: root password?
    ... Though the first thing I do on a machine I log onto is a sudo bash in order ... to have control of the machine, I still refuse to set root passwords as ... Cleveland State University ...
    (Ubuntu)
  • Re: Security of using sudo rather than su?
    ... or anything other than a simple personal workstation. ... root stuff, then he'd su and have full root priviledges. ... Absolutely --- that's the sort of situation that sudo was intended ... enforce strong passwords ...
    (Ubuntu)
  • Re: Reporting missing package during install
    ... Any user account opens the door to the root ... Trojan in a user account. ... using their own account than they are with the root one. ... The Trojan could exploit sudo to gain access to the root account by ...
    (Debian-User)