'su root' w/o password: insecure?
From: Enric Martínez (runle_at_saraswati.tk)
Date: 04/30/04
- Next message: Peter Köhlmann: "Re: 'su root' w/o password: insecure?"
- Previous message: Frankino: "SUSE 9 Adsl - Modem Sagem 800 - network is unreachable"
- Next in thread: Peter Köhlmann: "Re: 'su root' w/o password: insecure?"
- Reply: Peter Köhlmann: "Re: 'su root' w/o password: insecure?"
- Reply: Charles Prince: "Re: 'su root' w/o password: insecure?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 30 Apr 2004 00:22:37 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hey folks,
I am a just arrived SuSE freshman, I have a quite extense experience with
Linux dating from 1996, but I'm used to the Debian way.
One thing wich called my atention was that I can get root tipping only 'su
root' on the console and this behaviour makes me ask if this wouldn't be a
security risk.
I have taken a glance at Yast2 and the security settings seemed quite nice,
with all this nifty secumod features and I will surely find the way to
disable this behaviour for myself, so mi questions are:
Is it secure to use the passwordless approach?
And if it is secure:
How is security managed in SuSE in a way that makes this bahaviour safe?
TIA
- --
R3G4RDZ
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQFAkYAtzxMJf1zyJjcRAqy4AKDQac3gU/bZ3KjSUQV3MyNYUsQMowCgo+uT
gxp/FjSLzYIHM0GXoyNYgJY=
=cxgq
-----END PGP SIGNATURE-----
- Next message: Peter Köhlmann: "Re: 'su root' w/o password: insecure?"
- Previous message: Frankino: "SUSE 9 Adsl - Modem Sagem 800 - network is unreachable"
- Next in thread: Peter Köhlmann: "Re: 'su root' w/o password: insecure?"
- Reply: Peter Köhlmann: "Re: 'su root' w/o password: insecure?"
- Reply: Charles Prince: "Re: 'su root' w/o password: insecure?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
