Re: Root login

To: Paweł Krzywicki <krzywicki.pawel@googlemail.com>
Cc: debian-security@lists.debian.org
Subject: Re: Root login
From: Marek Kubica <marek@xivilization.net>
Date: Thu, 4 Sep 2008 14:47:54 +0200
Message-id: <[🔎] 20080904144754.35fb0014@halmanfloyd.lan.local>
In-reply-to: <[🔎] 200809041325.13553.krzywicki.pawel@gmail.com>
References: <[🔎] 48BF9844.3040001@vodafone.it> <[🔎] 200809041325.13553.krzywicki.pawel@gmail.com>

On Thu, 4 Sep 2008 13:25:13 +0100
Paweł Krzywicki <krzywicki.pawel@googlemail.com> wrote:

> > the solution was as Cerbelle said. Login as a normal user and do
> > sudo ( or you can activate root login from the login menu; but i
> > personally consider it really dangerous!)
> I am wondering why this is dangerous? 
> If your password is seen as "strong" "FaG34#fCFD12drtfdg" something
> like this for example why this is dangerous?

The point is, that 1) not too many people use strong passwords 2)
having root access allowed makes it harder to break in, since the
username is known as it is always "root". User-accounts might be named
pawel, pawelk, krzywicki or be completely unknown for the attacker.

regards,
Marek

Reply to:

Follow-Ups:
- Re: Root login
  - From: Vincent Deffontaines <vincent@gryzor.com>

References:
- Root login
  - From: "kishore@vodafone.it" <kishore@vodafone.it>
- Re: Root login
  - From: Paweł Krzywicki <krzywicki.pawel@googlemail.com>

Prev by Date: Re: Root login
Next by Date: Re: Root login
Previous by thread: Re: Root login
Next by thread: Re: Root login
Index(es):
- Date
- Thread