[wellylug] UBUNTU 5.10 Dapper. First experiences!

Daniel Pittman daniel at rimspace.net
Fri Nov 17 13:44:49 NZDT 2006


Gerald Roehrbein <Gerald.Roehrbein at oraforecast.com> writes:

> Hello Daniel,
> thanks a lot for your answer.
>
>> gust do: sudo passwd root
>> 
>> and enter a root password, and it will work then.
>
> I'm just meditating/ think about the pro's and contras of this.
>
> In my opinion the system will not become more insecure if I will allow
> root login as usual.

Not substantially.  There is some minor loss in safety, through the
obscurity of a more targeted attack being required to try and access
your root account going away.

Using a non-root account isn't a real gain in security, but until
attackers adapt to the change it is a minor gain -- you stay safe
longer, and can theoretically treat root login attempts as a "honeypot"
to catch and ban attackers...


This is a minor loss of security, in that services you install may now
permit access as a privileged user where, previously, they couldn't.


There is a minor loss of sanity, as many people want to allow root
logins so they can run a full graphical environment as root -- not a
good idea, at all.


All in all, though, it doesn't make much difference if you are clever
enough to know why you want a working root login, and experienced enough
to deal with two passwords to manage your system rather than one.

Regards,
        Daniel

Personally, I just use sudo, despite ten years on machines with direct
root logins. :)
-- 
Digital Infrastructure Solutions -- making IT simple, stable and secure
Phone: 0401 155 707        email: contact at digital-infrastructure.com.au
                 http://digital-infrastructure.com.au/




More information about the wellylug mailing list