On Sun, May 31, 1998 at 09:22:40PM -0400, Alex Yukhimets wrote: > > I know that this is a bit of a side issue, but what are the consequences > > of giving root a different user name? I have done it in test installs and > > "frog" was able to log in with root priviledge, but I haven't held onto > > such a system long enough to see what might break. I think I've heard of people doing such things to make cracking root slightly more difficult (you can't login as "root" and guess passwords anymore, you've got to guess usernames, as well, eg), or, alternatively, so you can make a dummy user with the name "root", so if people do crack that account they don't get quite as much power as they'd hoped. I can't say that I think it's a particularly useful security measure, but it's a possible one. > Installation script for my program (WXftp) will break :) > It checks whether it is running by "root" user. > dh_testroot from debhelper does exactly the same, btw. Ugh. TTBOMK, it's generally better to test for uid 0 than any particular username, so dh_testroot should probably have something like the following patch applied: --- /usr/bin/dh_testroot Tue Mar 31 14:50:14 1998 +++ dh_testroot_new Mon Jun 1 12:12:24 1998 @@ -5,6 +5,6 @@ PATH=debian:$PATH:/usr/lib/debhelper . dh_lib -if [ "`whoami`" != root ]; then +if [ "`id -u`" != 0 ]; then error "You must run this as root." fi Are there any problems with doing things this way? Cheers, aj -- Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/> I don't speak for anyone save myself. PGP encrypted mail preferred. ``It's not a vision, or a fear. It's just a thought.''
Attachment:
pgpoeud1eUXzj.pgp
Description: PGP signature