Re: recent etch upgrade... sashroot (uid=0) started to impersonate uid=0 (root)
Yaroslav Halchenko <firstname.lastname@example.org> writes:
> Actually it seems to be not mine, and not sash fault -- it seems to be a
> common practice mentioned in multiple howto's around the web such like
It's a really *bad* common practice. Use of the root account in general
should be minimized and ideally done through an auditing method; creating
*more* root-level accounts, particularly with separate passwords, can
cause all sorts of interesting problems. I've worked in organizations
that did this as a matter of course and seen disaster as a result.
The reason why sash does this is different than the reason why people
usually talk about it on the web, but while the sash use makes a moderate
amount of sense at first glance, I'm not sure how often it's really useful
compared to booting single-user or just changing the shell of the root
account itself and normally using sudo.
Russ Allbery (email@example.com) <http://www.eyrie.org/~eagle/>