Re: question about Linux boxes only running as root



Unruh <unruh-spam@xxxxxxxxxxxxxx> writes:

IF that system never ever ever is connected to the net in any way,
via modem or ethernet, or anything else, then this may well be
fine. It is still dangerous, since that account CAN run anything, on
purpose or by accident. It can also do immense damage (rm -r /)
which a special account could not.

Good point. For instance, someone may walk up to a terminal, and do
something at the terminal that allows them to gain access to the root
account. Some programs like vim and more (less) allow shell access.


And then someone can walk up to a dedicated application, and with the
mouse save a file that overwrites a file like /etc/passwd -
/etc/shadow, and thereby deleting the password. Or they can trash the
system by overwriting some critical file.


It took Microsoft decades to realize the mistake of running the system
under an adminitrator account. There is a reason for this.
.



Relevant Pages

  • Re: Hobbit or Lord of the Rings
    ... The fact that science has been able to account for the ... development of complex living things, ... Why is such an account so important? ... Many people feel a need to have a purpose in existing. ...
    (rec.arts.sf.written)
  • Re: Mormons : a filthy cult!
    ... was "Hitler's Germany" and Germany was/is certainly a christian nation. ... Holding totalatarians to account wasn't the purpose of my post. ...
    (alt.home.repair)
  • Re: inquiry on shared folders
    ... An account for this purpose must reside on the ... Win2k machine and permissions for it must be granted at the Share. ... Win98 machine must use the same account. ... If yes,are there some configurations that needs> to be set-up for them to communicate? ...
    (microsoft.public.win2000.networking)
  • Re: Excerpt from PayPal Developer Centre
    ... official and provides a paypal link watch where your browser actually ... It now has a feature to verify you are at a valid ebay site. ... trying to gain access to your account right now too. ...
    (borland.public.delphi.non-technical)
  • Re: Cannot authenticate to NNTP server with Net::NNTP authinfo()
    ... question regarding authentication on an NNTP server via the authinfo ... For the purpose of this posting, I have opened a throwaway free (but ... verified that the account works fine in my slrn news client. ...
    (comp.lang.perl.misc)